Apple Security Advisory 2018-02-19-3 - tvOS 11.2.6 is now available and addresses a memory corruption vulnerability.
7997d4164595e11f305b3d6c79faa1aa1ff650f5fbed7f1897cfc8c37ef7138c
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
9c0f310583ff0dd8168010acd45c7d2e3a37e176300ac642269bce3d759ebda0
Debian Linux Security Advisory 4119-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
50346d8353f9cf34768fc28f2ae7a5d3f10ad6ceb83122ab37c0a2a7aae86c18
Gentoo Linux Security Advisory 201802-2 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 64.0.3282.167 are affected.
4beb635a5224714d9441d8f1862aded98034cb33ccd9a9eec0182e6953273df4
Apple Security Advisory 2018-02-19-4 - watchOS 4.2.3 is now available and addresses a memory corruption vulnerability.
f8dd700cb595d8086ffccbb3ef2755fe855402a684fd531ff1ec8cbe5ae7097b
Apple Security Advisory 2018-02-19-2 - macOS High Sierra 10.13.3 Supplemental Update is now available and addresses a memory corruption vulnerability.
c9110694901405cfdef9f44fa28e9af4df4e3513d1897412d5d98395fb820b77
Apple Security Advisory 2018-02-19-1 - iOS 11.2.6 is now available and addresses a memory corruption vulnerability.
465b4d249e59a02472e1bc13d596898006c9be8a65933da23754ff58b23fe514
Ubuntu Security Notice 3574-1 - It was discovered that Bind incorrectly handled DNSSEC validation. An attacker could possibly use this to cause a denial of service.
9d5d5c19302b1cccb2a4da7ee3a4d3e841b18ef6fde187dd71868c1c764a36da
Kentico CMS versions 9 through 11 suffer from a cross site scripting vulnerability.
967355b0c6a6c9686e9db9a108f9747276dd67cd8b53459fdf0e4b861e10f2f3
Kentico CMS versions 9 through 11 suffer from a remote code execution vulnerability.
0a43ddad3e44943a0fbbe783835abb6e39ae869e429023f411ef6ae228cd3430
Bugzilla versions 2.16rc1 to 4.4.12 and 4.5.1 to 5.0.3 suffer from a cross site request forgery vulnerability.
0efea52c1ab426d88a137dbce1b3674901fced5f5c6fc9df71c13baaecd73c96
October CMS versions prior to 1.0.431 suffer from a cross site scripting vulnerability.
1c24c99210f1e4aae61e494bd1776271475f0fa22bd94c356ae4fecbe8cc6793
Aastra 6755i SIP SP4 suffers from a denial of service vulnerability.
d2ff73305e2a0039c97109b1e937bfe8ded69b6860834e78acaa228ab9ffac71
Debian Linux Security Advisory 4118-1 - Jonas Klempel reported that tomcat-native, a library giving Tomcat access to the Apache Portable Runtime (APR) library's network connection (socket) implementation and random-number generator, does not properly handle fields longer than 127 bytes when parsing the AIA-Extension field of a client certificate. If OCSP checks are used, this could result in client certificates that should have been rejected to be accepted.
b0c115257c6baf6fbce5ba322e1b25311ec19b86eef9ab44de646421e383c4d0
Whitepaper called Mobile Application Hacking Diary Episode 2.
84148946cba1f4a8c203b9d331ca95302a61cbb0ac567289bcf37ab3c2259cf6
168 bytes small tcp/4444 shell-binding and IP controlled (192.168.1.190) null-free Linux/ARM shellcode.
dab9a81e0b4cb77bce421d6ef17ec776c684004aa7aad29f1b972cfe6e9e867a