Subscribe via feed.
Archive for January, 2020

Apple Security Advisory 2020-1-28-6

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-6 – iTunes for Windows 12.10.4 is now available and addresses a filesystem access issue.

Tags: , ,

Apple Security Advisory 2020-1-28-5

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-5 – Safari 13.0.5 is now available and addresses address bar spoofing and password disclosure in transit issues.

Tags: , ,

Apple Security Advisory 2020-1-28-3

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-3 – watchOS 6.1.2 is now available and addresses code execution vulnerabilities.

Tags: , ,

Apple Security Advisory 2020-1-28-4

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-4 – tvOS 13.3.1 is now available and addresses code execution vulnerabilities.

Tags: , ,

Apple Security Advisory 2020-1-28-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-2 – macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.

Tags: , ,

Apple Security Advisory 2020-1-28-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2020-1-28-1 – iOS 13.3.1 and iPadOS 13.3.1 are now available and address code execution vulnerabilities.

Tags: , ,

Fifthplay S.A.M.I Cross Site Request Forgery / Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Fifthplay S.A.M.I suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

OpenBSD OpenSMTPD Privilege Escalation / Code Execution

Posted by deepcore under exploit (No Respond)

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD’s mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, “switch smtpd to new grammar”) and allows an attacker to execute arbitrary shell commands, as root.

[webapps] rConfig 3.9.3 – Authenticated Remote Code Execution

Posted by deepcore under Security (No Respond)

rConfig 3.9.3 – Authenticated Remote Code Execution

Tags: ,

[remote] OpenSMTPD 6.6.2 – Remote Code Execution

Posted by deepcore under Security (No Respond)

OpenSMTPD 6.6.2 – Remote Code Execution

Tags: ,