Mail Index
- CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation
- [SECURITY] [DSA 3681-2] wordpress regression update
- [SECURITY] [DSA 3684-1] libdbd-mysql-perl security update
- TeempIp XSS Cookie Theft
- AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit
- Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities
- ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability
- From: EMC Product Security Response Center
- ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities
- From: EMC Product Security Response Center
- Clean Master v1.0 - Unquoted Path Privilege Escalation
- Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability
- Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBGN03639 rev.1 - HPE KeyView, Remote Code Execution
- [SECURITY] [DSA 3687-1] nspr security update
- [SECURITY] [DSA 3688-1] nss security update
- KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service
- From: KoreLogic Disclosures
- KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials
- From: KoreLogic Disclosures
- September 2016 - HipChat Plugin for various products - Critical Security Advisory
- [SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
- [SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks
- Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348]
- From: Nightwatch Cybersecurity Research
- [SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks
- [SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks
- SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT)
- From: SEC Consult Vulnerability Lab
- [SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities
- Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities
- From: admin@xxxxxxxxxxxxxxxxx
- Facebook API v2.1 - RFC6749 Open Redirect Vulnerability
- [security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities
- Multiple Vulnerabilities in Plone CMS
- Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- ZendStudio IDE v13.5.1 Privilege Escalation
- Snort v2.9.7.0-WIN32 DLL Hijack
- [security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information
- Evernote for Windows DLL Loading Remote Code Execution Vulnerability
- [SECURITY] [DSA 3693-1] libgd2 security update
- [ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability
- [SECURITY] [DSA 3694-1] tor security update
- [SECURITY] [DSA 3695-1] quagga security update
- Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution
- Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory
- [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability
- Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update
- ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability
- From: EMC Product Security Response Center
- Oracle Netbeans IDE v8.1 Import Directory Traversal
- Puppet Enterprise Web Interface Authentication Redirect
- Puppet Enterprise Web Interface User Enumeration
- Puppet Enterprise Web Interface Authentication Redirect
- [SECURITY] [DSA 3698-1] php5 security update
- From: Salvatore Bonaccorso
- APPLE-SA-2016-10-24-3 Safari 10.0.1
- From: Apple Product Security
- wincvs-2.0.2.4 Privilege Escalation
- CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path
- FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
- From: FreeBSD Security Advisories
- [SECURITY] [DSA 3701-1] nginx security update
- [SECURITY] [DSA 3700-1] asterisk security update
- CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation
- [security bulletin] HPSBHF3549 ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege
- [security bulletin] HPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information
- APPLE-SA-2016-10-27-3 iTunes 12.5.2 for Windows
- From: Apple Product Security
- [SECURITY] [DSA 3701-2] nginx regression update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3691-2] ghostscript regression update
- From: Salvatore Bonaccorso
- October 2016 - Crowd - Critical Security Advisory