Posted by Pedro Ribeiro on Jan 22Hi,
In October 2018, ICS-CERT issued an advisory for Nuuo CMS:
Long story short, Nuuo CMS contained several vulnerabilities that allow
an unauthenticated attacker (up to version 2.3) or an authenticated
attacker (up to version 3.5) to achieve RCE, download arbitrary files, etc.
Disclosure on this one took near TWO YEARS. And even after Nuuo saying
they have fixed everything, they clearly...
Posted by Kevin Kotas via Fulldisclosure on Jan 22CA20190117-01: Security Notice for CA Service Desk Manager
Issued: January 17, 2019
Last Updated: January 17, 2019
CA Technologies Support is alerting customers to multiple potential
risks with CA Service Desk Manager. Multiple vulnerabilities exist
that can allow a remote attacker to access sensitive information or
possibly gain additional privileges. CA published solutions to
address the vulnerabilities.
The first vulnerability,...
Posted by Hackira via Fulldisclosure on Jan 22The whole HZV team wishes you a happy new year !
For the first edition, leHACK will be held at la Cité des Sciences et de l'Industire, in Paris, on July 6 & 7 2019.
Since our community and the team enjoyed the site from the last year, it wasn't hard to pick a location, which hosted
la Nuit du Hack last year.
This year again will be at your disposal : a 3 level mezzanine, a 900 seats amphitheater, 2000m2 area...
Since we have now many new InfoSec followers, please refer to our security bug-bounty here: https://t.co/R1a7uZ3ziK
Please report buffer overflows, RCEs, integer-overflows, or help us audit our HTTPS stack.
This is sponsored by the @EU_Commission for the EU-FOSSA program #fossa
— VideoLAN (@videolan) January 22, 2019
A VLC bug bounty programját az Európai Bizottság szponzorálja. A program részletei itt olvashatók.
Adobe has released security updates to address vulnerabilities in Adobe Experience Manager. An attacker could exploit these vulnerabilities to obtain sensitive information.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins APSB19-03 and APSB19-09 and apply the necessary updates.