Monthly Archives: January 2017
CVE-2017-5005 (antivirus_pro, internet_security, total_security)
Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.
CVE-2016-10100 (borg)
Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive.
CVE-2016-10099 (borg)
Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives.
mingw-flac-1.3.2-1.el7
Update to the latest upstream release 1.3.2, also with some security fixes (see bug #1193445 from the native flac package).
mingw-flac-1.3.2-1.fc25
Update to the latest upstream release 1.3.2, also with some security fixes (see bug #1193445 from the native flac package).
Bugtraq: [slackware-security] seamonkey (SSA:2016-365-03)
Bugtraq: Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability
Bugtraq: [SECURITY] [DSA 3750-1] libphp-phpmailer security update
Bugtraq: 0-day: QNAP NAS Devices suffer of heap overflow