Feed aggregator

[security bulletin] MFSBGN03837 rev.1 - Network Node Manager i, Multiple Vulnerabilities

BugTraq Latest Security Advisories - December 12, 2018 - 11:12pm

Posted by security-alert on Dec 12

Note: the current version of the following document is available here:
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03302206

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03302206
Version: 1

MFSBGN03837 rev.1 - Network Node Manager i, Multiple Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-12-12
Last Updated: 2018-12-12...
Categories:

[slackware-security] mozilla-firefox (SSA:2018-345-01)

BugTraq Latest Security Advisories - December 12, 2018 - 7:53am

Posted by Slackware Security Team on Dec 12

[slackware-security] mozilla-firefox (SSA:2018-345-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-60.4.0esr-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

next-20181212: linux-next

Linux Kernel Updates - December 12, 2018 - 1:30am
Version:next-20181212 (linux-next) Released:2018-12-12

Vuln: phpMyAdmin CVE-2018-19968 Local File Include Vulnerability

Security Focus Latest Security Advisories - December 12, 2018 - 12:00am
phpMyAdmin CVE-2018-19968 Local File Include Vulnerability
Categories:

Vuln: OpenSSL CVE-2018-5407 Side Channel Attack Information Disclosure Vulnerability

Security Focus Latest Security Advisories - December 12, 2018 - 12:00am
OpenSSL CVE-2018-5407 Side Channel Attack Information Disclosure Vulnerability
Categories:

Vuln: OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability

Security Focus Latest Security Advisories - December 12, 2018 - 12:00am
OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability
Categories:

Vuln: Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - December 12, 2018 - 12:00am
Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability
Categories:

Vuln: X.Org X Server CVE-2018-14665 Multiple Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - December 12, 2018 - 12:00am
X.Org X Server CVE-2018-14665 Multiple Local Privilege Escalation Vulnerability
Categories:

Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via the domainController API.

BugTraq Latest Security Advisories - December 11, 2018 - 12:39pm

Posted by Murat Aydemir on Dec 11

I. VULNERABILITY
-------------------------
Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via the
domainController API.

II. CVE REFERENCE
-------------------------
CVE-2018-19921

III. VENDOR
-------------------------
https://www.manageengine.com

IV. TIMELINE
-------------------------
20/11/18 Vulnerability discovered
20/11/18 Vendor contacted
06/12/2018 OPManager replay that they fixed

V. CREDIT
-------------------------
Murat...
Categories:

[SECURITY] [DSA 4353-1] php7.0 security update

BugTraq Latest Security Advisories - December 11, 2018 - 12:36pm

Posted by Moritz Muehlenhoff on Dec 11

-------------------------------------------------------------------------
Debian Security Advisory DSA-4353-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
December 10, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php7.0
CVE ID : CVE-2018-14851 CVE-2018-14883...
Categories:

next-20181211: linux-next

Linux Kernel Updates - December 11, 2018 - 2:23am
Version:next-20181211 (linux-next) Released:2018-12-11

Vuln: SAP Kernel and Change and Transport System CVE-2018-2441 Security Bypass Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
SAP Kernel and Change and Transport System CVE-2018-2441 Security Bypass Vulnerability
Categories:

Vuln: SAP Business Client Unspecified Security Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
SAP Business Client Unspecified Security Vulnerability
Categories:

Vuln: Adobe Acrobat and Reader APSB18-41 Multiple Arbitrary Code Execution Vulnerabilities

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
Adobe Acrobat and Reader APSB18-41 Multiple Arbitrary Code Execution Vulnerabilities
Categories:

Vuln: Adobe Acrobat and Reader APSB18-41 Multiple Heap Buffer Overflow Vulnerabilities

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
Adobe Acrobat and Reader APSB18-41 Multiple Heap Buffer Overflow Vulnerabilities
Categories:

Vuln: SAP HANA CVE-2018-2497 Security Bypass Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
SAP HANA CVE-2018-2497 Security Bypass Vulnerability
Categories:

Vuln: Kubernetes API Server of Gardener CVE-2018-2475 Unauthorized Access Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
Kubernetes API Server of Gardener CVE-2018-2475 Unauthorized Access Vulnerability
Categories:

Vuln: Ghostscript CVE-2018-19409 Security Bypass Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
Ghostscript CVE-2018-19409 Security Bypass Vulnerability
Categories:

Vuln: SAP Hybris Commerce CVE-2018-2505 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
SAP Hybris Commerce CVE-2018-2505 Cross Site Scripting Vulnerability
Categories:

Vuln: SAP NetWeaver AS JAVA CVE-2018-2504 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - December 11, 2018 - 12:00am
SAP NetWeaver AS JAVA CVE-2018-2504 Cross Site Scripting Vulnerability
Categories: