Kingsoft Internet Security 9+ suffers from a denial of service vulnerability.
910af9004d7da7e4f6e3f759dbf7114e87cecb39d09afc808493289caa619d3b
WordPress WP Security Audit Log plugin version 3.1.1 suffers from a sensitive information disclosure vulnerability.
a47629c5bd8c626fce9819e8ba2183b5c2383a496409dedde4f1ffcad89ae3ec
Apple Security Advisory 2018-3-29-8 - iCloud for Windows 7.4 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
2b5fddf353c0cc8483438947ebcaa55409c0d770b545358c2c90bd951c9883e7
Apple Security Advisory 2018-3-29-7 - iTunes 12.7.4 for Windows is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
d675b554a5207eb14989149462f75ea146c87952668d12d3c50b77772f472708
Apple Security Advisory 2018-3-29-6 - Safari 11.1 is now available and addresses code execution and denial of service vulnerabilities.
9143298fe99a1e196aee423666f33c8e62d3f8995dee62402a8290297d9d05b4
Apple Security Advisory 2018-3-29-5 - macOS High Sierra 10.13.4, Security Update2018-002 Sierra, and Security Update 2018-002 El Capitan have been released.
afabb97a4e83b113738be8cf9daafeb78fb06301a4cf3692c563dc18cb4961e0
Apple Security Advisory 2018-3-29-4 - Xcode 9.3 is now available and addresses llvm issues.
9c4462106af3d194ddd2a3117ba74d10acf95e3172ad983c81f258cf64a63170
Apple Security Advisory 2018-3-29-3 - tvOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
baba26612f4d65374fab4054e41819e83cb578ffc7df334f5af54f80647ff086
Apple Security Advisory 2018-3-29-2 - watchOS 4.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
175c19a3aa3e068aab66d689a01fe0e6928848b746e6b0c1dd5aa6a35636888d
Apple Security Advisory 2018-3-29-1 - iOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
831a5876153ae9b119aa0f3493b15456a2d1c9e01251c16931b0e56c70e84364
CA Technologies Support is alerting customers to two potential risks with CA Workload Automation AE and CA Workload Control Center. Two vulnerabilities exist that can allow a remote attacker to conduct SQL injection attacks or execute code remotely. The first vulnerability in CA Workload Automation AE has a medium risk rating and concerns insufficient data validation that can allow an authenticated remote attacker to conduct SQL injection attacks. The second vulnerability in CA Workload Control Center has a high risk rating and concerns an Apache MyFaces configuration that can allow an authenticated remote attacker to conduct remote code execution attacks.
6b08e25b22ed206c621e2b2509af3c001c02e5de10b5fd7a3c6fc36b019b3700
This Microsoft bulletin summary holds information regarding a CVE addition to the March 2018 Security Updates.
de8c90744ad1aa0dadba5465a0829feca5c2b11141b43d0a7868e12b494f394b
Crea8Social Social Network Script versions Pro and Business suffer from multiple cross site scripting vulnerabilities.
1c511dc6984605cbfe67498189817b0bf03de1884d46c7de560e7dfbbd580f69
Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.
afc1138533c4692071757aac8861ccc77d0fa21aca64028c483c0940b897af84
Debian Linux Security Advisory 4158-1 - It was discovered that constructed ASN.1 types with a recursive definition could exceed the stack, potentially leading to a denial of service.
61eb09db18a5c70dc940a80e29499a5f057d31691004f80e98883af1a0d94207
Debian Linux Security Advisory 4157-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.
e8680537002526b1337312ee29fa9521aef52fdb74130e66d0d1dac4c4dbbbdb
Ubuntu Security Notice 3531-3 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the corrected microcode updates required for the corresponding Linux kernel updates.
176da23c752851e728246932d93ad98d0f8eb9e7c5887c75f512dd9e04e44127
Ubuntu Security Notice 3545-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code.
224eb639e89a0e0e9b41d98f94d9e07dffd8b347db6de93404cf4a345f4ee0f3
This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker with libmemusage.so library.
866ac744c655ede9c376e4a47945a3a0e64a8cdb089b30ec2822adfef9bb9512
Tenda FH303/A300 with firmware version 5.07.68_EN cookie session weakness remote DNS changer proof of concept exploit.
f22ca3309579c6470ec144c91bb08b31ee848ae464b29a86c336af34a0a05882
Tenda W3002R/A302/w309r wireless router version 5.07.64_en cookie session weakness remote DNS changer proof of concept exploit.
8cc38578d0ff95d3332823d20ae52be3189b1e08724702def4de3110ca79e255
Tenda W316R wireless router version 5.07.50 cookie session weakness remote DNS changer proof of concept exploit.
659258d6cf96aff07ffb8be69a9afda153ab863ca8f7cf9c41aec604c9a882d0
Allok Video Joiner version 4.6.1217 suffers from a stack-based buffer overflow vulnerability.
085a2394267df8e20d42091a554c405acd982ea390791df5252d485e8af96c81
Advantech WebAccess versions prior to 8.1 webvrpcs DrawSrv.dll path BwBuildPath stack-based buffer overflow remote code execution exploit.
3917887b7385488d5ab094dd0cfa0c73128701eb66ed70da342531a89b649458