SUSE CVE-2018-14361

An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data...

Security Bulletin: Security Vulnerabilities in IBM® Java SDK affect multiple IBM Rational products based on IBM Jazz technology July 2018 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 1.7 and 1.8 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational...

CVE-2018-21068

An issue was discovered on Samsung mobile devices with O8.0 software. Execution of an application in a locked Secure Folder can occur without a password via a split screen. The Samsung ID is SVE-2018-11669 July 2018...

CVE-2018-21068

An issue was discovered on Samsung mobile devices with O8.0 software. Execution of an application in a locked Secure Folder can occur without a password via a split screen. The Samsung ID is SVE-2018-11669 July 2018...

CVE-2018-21066

An issue was discovered on Samsung mobile devices with M6.0 Exynos or MediaTek chipsets software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 July 2018...

Information disclosure

An issue was discovered on Samsung mobile devices with N7.x MediaTek chipsets software. There is information disclosure of kernel stack memory in a MediaTek driver. The Samsung ID is SVE-2018-11852 July 2018...

Default credentials

An issue was discovered on Samsung mobile devices with O8.0 software. Execution of an application in a locked Secure Folder can occur without a password via a split screen. The Samsung ID is SVE-2018-11669 July 2018...

CVE-2018-21067

An issue was discovered on Samsung mobile devices with M6.0 software. There is an information disclosure in a Trustlet because an address is logged. The Samsung ID is SVE-2018-11600 July 2018...

CVE-2018-21067

No concrete technical details (affected product/component, root cause, versions, or fix) are provided across the connected documents for CVE-2018-21067. The sources only repeat the generic Samsung Trustlet information disclosure description. Monitor for updates.

Oracle MySQL Connectors DoS (Jul 2018 CPU)

The version of Oracle MySQL Connectors installed on the remote host is 8.0.x prior to 8.0.12 or 5.3.x prior to 5.3.11. It is, therefore, affected by a denial of service vulnerability as noted in the July 2018 Critical Patch Update advisory. This vulnerability is related to OpenSSL's handling of...

Webmin 1.920 password_change.cgi Backdoor Exploit

This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate...

Webmin password_change.cgi Backdoor

This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate occasions: onc...

Telus Actiontec T2200H WiFi Credential Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Device Details Discovered By: Andrew Klaus [email protected] Vendor: Actiontec Telus Branded, but may work on others Model: T2200H but very likely affecting other models of theirs Affected Firmware: T2200H-31.128L.08 Device Manual:...

Oracle Java SE 6 < Update 201 / 7 < Update 191 / 8 < Update 181 / 10 < Update 2 Multiple Vulnerabilities (July 2018 CPU)

Binary data 700658.prm...

MySQL 5.5.x < 5.5.61 Multiple Vulnerabilities (July 2018 CPU)

Binary data 700616.prm...

MySQL 5.6.x < 5.6.41 Multiple Vulnerabilities (July 2018 CPU)

Binary data 700622.prm...

MySQL 8.0.x < 8.0.12 Multiple Vulnerabilities (July 2018 CPU)

Binary data 700629.prm...

Servicing stack update for Windows 10, version 1803: July 10, 2018

Servicing stack update for Windows 10, version 1803: July 10, 2018 Summary This update makes stability improvements for the Windows 10, version 1803 servicing stack. How to get this update Method 1: Windows Update This update will be downloaded and installed automatically.Note This update is also...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server July 2018 CPU

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in July 2018. These may affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM PureApplication System (July and October 2018 updates)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7, used by the IBM PureApplication System. These issues were disclosed as part of the IBM Java SDK quarterly updates in July and October 2018, and the following vulnerabilities have been addressed...