19.05.2019 14:35 When using an OCSP responder did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS .
19.05.2019 13:05 Security fix for CVE-2019-9578
18.05.2019 22:03 Erratum: bad versions An attack vector was discovered by lemonldap-ng developers. When the SAML or CAS service provider is enable and the administrator has chosen to store
18.05.2019 22:03 An attack vector was discovered by the lemonldap-ng developers. When the SAML or CAS service provider is enabled and the administrator has chosen to store the SAML/CAS tokens in the session database, an attacker can open an anonymous session to connect to any protected application that
18.05.2019 15:33 Sandbox escape due to information disclosure via str.format . str.format_map allows sandbox escape . References:
18.05.2019 15:33 libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded .
18.05.2019 15:33 This update provies Virtualbox 6.0.8 that fixes the Microarchitectural Data Sampling vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU.
18.05.2019 15:33 A use after free that leads to arbitrary code execution. References: - https://bugs.mageia.org/show_bug.cgi?id=24822 - https://helpx.adobe.com/security/products/flash-player/apsb19-26.html
18.05.2019 15:33 An attacker can reflect the received scalar and element from the server in it's own commit message, and subsequently reflect the confirm value as well. This causes the adversary to successfully authenticate as the victim .
18.05.2019 06:05 8u212 update
18.05.2019 06:05 Update to Samba 4.9.8, Security fixes for CVE-2018-16860 ---- Update to Samba 4.9.7
18.05.2019 04:38 8u212 update
18.05.2019 04:38 ytnef 1.9.3 release, fixing a number of security issues: - CVE-2017-9470 - CVE-2017-9471 - CVE-2017-9474 - CVE-2017-9058 - CVE-2017-12142 - CVE-2017-12141 - CVE-2017-12144
18.05.2019 01:04 An update that fixes one vulnerability is now available.
17.05.2019 22:11 An update that fixes one vulnerability is now available.
