[SECURITY] Fedora 28 Update: php-simplesamlphp-saml2-2.3.8-1.fc28

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML2/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 28 Update: php-simplesamlphp-saml2_3-3.1.4-3.fc28

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML23/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 28 Update: php-simplesamlphp-saml2_1-1.10.6-1.fc28

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML21/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 27 Update: php-simplesamlphp-saml2_1-1.10.6-1.fc27

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML21/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 26 Update: php-simplesamlphp-saml2_3-3.1.4-1.fc26

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML23/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 26 Update: php-simplesamlphp-saml2-2.3.8-1.fc26

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML2/autoload.php 1 https://www.simplesamlphp.org/ 2...

[SECURITY] Fedora 26 Update: php-simplesamlphp-saml2_1-1.10.6-1.fc26

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp 1, used by OpenConext 2. This library started as a collaboration between UNINETT 3 and SURFnet 4 but everyone is invited to contribute. Autoloader: /usr/share/php/SAML21/autoload.php 1 https://www.simplesamlphp.org/ 2...

CVE-2018-1000138

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources...

CVE-2018-1000138

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources...

openSUSE Security Update : qemu (openSUSE-2018-291) (Spectre)

This update for qemu fixes the following issues : This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2018:0762-1) (Spectre)

This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week

A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet. Dubbed Dofoil also known as Smoke Loader, the malware was found dropping a...

[SECURITY] Fedora 26 Update: wavpack-5.1.0-7.fc26

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

CVE-2018-1323

The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible fo...

Tuleap 9.17.99.189 - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found:...

Xxe

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files...

CVE-2018-1323

The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible fo...

brick.si XSS vulnerability

Open Bug Bounty ID: OBB-578741 Description| Value ---|--- Affected Website:| brick.si Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

museuepiscopalvic.com XSS vulnerability

Open Bug Bounty ID: OBB-578678 Description| Value ---|--- Affected Website:| museuepiscopalvic.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Tuleap 9.17.99.189 SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found:...