Sources
Security Focus Vulnerabilities
- More rss feeds from SecurityFocus 10 min 26 sec old
- Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793) 10 min 26 sec old
- Bugtraq: LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) 10 min 26 sec old
- Bugtraq: [SECURITY] [DSA 4633-1] curl security update 10 min 26 sec old
- Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888) 10 min 26 sec old
Full Disclosure
- APPLE-SA-2020-09-16-5 Xcode 12.0 3 hours 10 sec old
- APPLE-SA-2020-09-16-4 watchOS 7.0 3 hours 13 sec old
- APPLE-SA-2020-09-16-3 Safari 14.0 3 hours 15 sec old
- APPLE-SA-2020-09-16-2 tvOS 14.0 3 hours 18 sec old
- APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 3 hours 21 sec old
- Navy Federal Reflective Cross Site Scripting (XSS) 3 hours 48 sec old
- Apache + PHP <= 7.4.10 open_basedir bypass 3 hours 2 min old
- [CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Unauthenticated SSRF 3 days 2 hours old
- ModSecurity v3 affected by DoS (CVE-2020-15598) 3 days 2 hours old
- ARA-2020-005: Insecure Direct Object Reference in 1CRM (CVE-2020-15958) 3 days 2 hours old
- Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software 6 days 15 hours old
- CVE-2020-8152 – Elevation of Privilege in Backblaze 1 week 2 hours old
- CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze 1 week 2 hours old
- Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37 1 week 2 hours old
- Two vulnerabilities found in MikroTik's RouterOS 1 week 2 hours old
- Hyland OnBase 19.x and below - Data Import Denial Of Service 1 week 2 hours old
- Hyland OnBase 19.x and below - Unrestricted File Upload 1 week 2 hours old
- Hyland OnBase 19.x and below - XML External Entity (XXE) Injection 1 week 3 days old
- Hyland OnBase 19.x and below - Insecure Deserialization 1 week 3 days old
- Hyland OnBase 19.x and below - Path Traversal 1 week 4 days old
- Hyland OnBase 19.x and below - DLL Hijacking 1 week 4 days old
- Hyland OnBase 19.x and below - Unity Client Malformed Image Denial Of Service 1 week 4 days old
- [RT-SA-2020-004] Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting 2 weeks 2 days old
- Kamailio vulnerable to header smuggling possible due to bypass of remove_hf 2 weeks 3 days old
- Sagemcom router insecure deserialization > privilege escalation 2 weeks 3 days old
Daily Dave
- R2 Browser Hacking Class Review 5 weeks 1 day old
- Dino-VSS 5 weeks 3 days old
- Re: [EXTERNAL] WAF Metrics 8 weeks 6 days old
- Re: [EXTERNAL] WAF Metrics 8 weeks 6 days old
- Re: [EXTERNAL] WAF Metrics 9 weeks 1 day old
- Re: [EXTERNAL] WAF Metrics 9 weeks 2 days old
- Re: [EXTERNAL] WAF Metrics 9 weeks 3 days old
- Re: WAF Metrics 9 weeks 4 days old
- WAFs: HTTP Desynchronization as a Metric 9 weeks 4 days old
- Re: [EXTERNAL] WAF Metrics 9 weeks 4 days old
- Re: WAF Metrics 9 weeks 5 days old
- Re: [EXTERNAL] WAF Metrics 9 weeks 5 days old
- WAF Metrics 9 weeks 6 days old
- Re: Brad gets real! 10 weeks 3 days old
- Re: Brad gets real! 10 weeks 3 days old
- Re: Brad gets real! 10 weeks 3 days old
- Re: Brad gets real! 10 weeks 4 days old
- Brad gets real! 10 weeks 4 days old
- Data 13 weeks 1 day old
Bug Traq
- Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components 29 weeks 3 days old
- Local information disclosure in OpenSMTPD (CVE-2020-8793) 29 weeks 3 days old
- LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) 29 weeks 3 days old
- [SECURITY] [DSA 4633-1] curl security update 29 weeks 3 days old
- Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888) 29 weeks 3 days old
- [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass 29 weeks 4 days old
- [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP) 29 weeks 4 days old
- [slackware-security] proftpd (SSA:2020-051-01) 30 weeks 13 hours old
- [SECURITY] [DSA 4628-1] php7.0 security update 30 weeks 2 days old
- [SECURITY] [DSA 4629-1] python-django security update 30 weeks 2 days old
- [TZO-18-2020] - Bitdefender Malformed Archive bypass (GZIP) 30 weeks 3 days old
- [TZO-17-2020] - Kaspersky Generic Archive Bypass (ZIP FLNMLEN) 30 weeks 3 days old
- [SECURITY] [DSA 4626-1] php7.3 security update 30 weeks 3 days old
- [SECURITY] [DSA 4627-1] webkit2gtk security update 30 weeks 3 days old
- Web Application Firewall bypass via Bluecoat device 30 weeks 4 days old
- WebKitGTK and WPE WebKit Security Advisory WSA-2020-0002 30 weeks 4 days old
- [SECURITY] [DSA 4620-1] firefox-esr security update 30 weeks 4 days old
- [SECURITY] [DSA 4621-1] openjdk-8 security update 30 weeks 4 days old
- CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability 30 weeks 4 days old
- [slackware-security] libarchive (SSA:2020-043-01) 30 weeks 4 days old
- [TZO-15-2020] - F-SECURE Generic Malformed Container bypass (RAR) 30 weeks 4 days old
- [SECURITY] [DSA 4624-1] evince security update 30 weeks 4 days old
- [SECURITY] [DSA 4625-1] thunderbird security update 30 weeks 4 days old
- [TZO-13-2020] - AVIRA Generic AV Bypass (ZIP GPFLAG) 31 weeks 7 hours old
- [TZO-11-2020] - ESET Generic Malformed Archive Bypass (BZ2 Checksum) 31 weeks 7 hours old
