Mail Thread Index
- [HITB-Announce] HITB2017AMS CFP,
Hafez Kamal
- OS-S 2016-23 - Local DoS: Linux Kernel EXT4 Error Handling (EXT4 calling panic()),
Ralf Spenneberg
- CfP and Special Session :: CyberSec2017,
Jackie Blanco
- [slackware-security] x11 (SSA:2016-305-02),
Slackware Security Team
- [slackware-security] mariadb (SSA:2016-305-03),
Slackware Security Team
- [slackware-security] php (SSA:2016-305-04),
Slackware Security Team
- Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details,
Berend-Jan Wever
- Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability,
Cisco Systems Product Security Incident Response Team
- [security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS),
security-alert
- Axessh 4.2.2 Denial Of Service,
apparitionsec
- [security bulletin] HPSBUX03665 rev.1 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection,
security-alert
- MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ),
Dawid Golunski
- KL-001-2016-008 : Sophos Web Appliance Privilege Escalation,
KoreLogic Disclosures
- KL-001-2016-009 : Sophos Web Appliance Remote Code Execution,
KoreLogic Disclosures
- [security bulletin] HPSBGN03657 rev.1 - HPE Network Node Manager i (NNMi) Software, Local Code Execution,
security-alert
- [security bulletin] HPSBGN03656 rev.1 - HPE Network Node Manager i (NNMi) Software using Java Deserialization, Remote Arbitrary Code Execution and Cross-Site Scripting,
security-alert
- Rapid PHP Editor CSRF Remote Command Execution,
apparitionsec
- WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow,
apparitionsec
- Faraznet Cms Cross-Site Scripting Vulnerability,
iedb . team
- Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability,
Vulnerability Lab
- Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability,
Vulnerability Lab
- Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability,
Vulnerability Lab
- [security bulletin] HPSBGN03643 rev.1 - HPE KeyView using Filter SDK, Remote Code Execution,
security-alert
- [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow,
Pedro Ribeiro
- [SECURITY] [DSA 3707-1] openjdk-7 security update,
Moritz Muehlenhoff
- Cross Site Scripting Vulnerability In Verint Impact 360,
sanehsingh
- Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin,
Summer of Pwnage
- Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin,
Summer of Pwnage
- Cross-Site Scripting in Calendar WordPress Plugin,
Summer of Pwnage
- URL Redirection Vulnerability In Verint Impact 360,
sanehsingh
- [security bulletin] HPSBGN03670 rev.1 - HPE Business Service Management (BSM) using Java Deserialization, Remote Code Execution,
security-alert
- [SECURITY] [DSA 3709-1] libxslt security update,
Salvatore Bonaccorso
- MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details,
Berend-Jan Wever
- Blind SQL Injection Vulnerability in Exponent CMS 2.4.0,
nickyccwu
- WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details,
Berend-Jan Wever
- Secunia Research: Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability,
Secunia Research
- Secunia Research: Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability,
Secunia Research
- CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s MATLAB Parser,
tallison
- Secunia Research: Microsoft Windows OTF Parsing Table Encoding Record Offset Vulnerability,
Secunia Research
- [SECURITY] [DSA 3711-1] mariadb-10.0 security update,
Salvatore Bonaccorso
- CVE-2016-9277: A IDX Out of Bound vulnerability in systemui can make crash and ui restart,
unlimitsec
- WHM Panel Mail Delivery Reports crash database Vulnerability,
iedb . team
- [CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE,
Maxim Solodovnik
- CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details,
Berend-Jan Wever
- SEC Consult SA-20161114-0 :: Multiple vulnerabilities in I-Panda SolarEagle - Solar Controller Administration Software / MPPT Solar Controller SMART2,
SEC Consult Vulnerability Lab
- Multiple vulnerabilities in Barco Clickshare,
vincent.ruijter
- [security bulletin] HPSBGN03669 rev.1 - HPE SiteScope, Local Elevation of Privilege, Remote Denial of Service, Arbitrary Code Execution and Cross-Site Request Forgery,
security-alert
- [security bulletin] HPSBUX03665 rev.2 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection,
security-alert
- CVE-2016-4484: - Cryptsetup Initrd root Shell,
Hector Marco
- Actiontec WCB3000N (Telus Branded) Local Unauthenticated Privilege Elevation and Password Reset,
Andrew Klaus
- [security bulletin] HPSBST03671 rev.1 - HPE StoreEver MSL6480 Tape Library, Remote Unauthorized Disclosure of Information,
security-alert
- CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details,
Berend-Jan Wever
- [security bulletin] HPSBGN03676 rev.1 - HPE Helion OpenStack Glance Image Service, Remote Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 3716-1] firefox-esr security update,
Moritz Muehlenhoff
- Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody,
Stefan Kanthak
- [ERPSCAN-16-032] SAP Telnet Console – Directory traversal vulnerability,
ERPScan inc
- [ERPSCAN-16-031] SAP NetWeaver AS ABAP – directory traversal using READ DATASET,
ERPScan inc
- Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability,
Vulnerability Lab
- CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details,
Berend-Jan Wever
- [slackware-security] mozilla-firefox (SSA:2016-323-01),
Slackware Security Team
- Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin,
Summer of Pwnage
- Cross-Site Scripting in Check Email WordPress Plugin,
Summer of Pwnage
- Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin,
Summer of Pwnage
- Putty Cleartext Password Storage,
apparitionsec
- [security bulletin] HPSBHF03675 rev.1 - HPE Integrated Lights-Out 3 and 4 (iLO 3, iLO 4), Cross-Site Scripting (XSS),
security-alert
- Multiple issues in OpManager 12100 & 12200,
Michael Heydon
- [RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution,
Julien Ahrens
- [RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure,
Julien Ahrens
- [RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting,
Julien Ahrens
- Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247),
Dawid Golunski
- [ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component,
ERPScan inc
- [SECURITY] [DSA 3719-1] wireshark security update,
Sebastien Delafond
- Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1,
Andrea Barisani
- CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details,
Berend-Jan Wever
- [CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities,
CORE Advisories Team
- [SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks,
matthias . deeg
- [SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks,
matthias . deeg
- CVE-2015-1251: Chrome blink SpeechRecognitionController use-after-free details,
Berend-Jan Wever
- [security bulletin] HPSBHF03673 rev.1 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Multiple Remote Vulnerabilities,
security-alert
- [CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition,
Dawid Golunski
- [SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks,
gerhard . klostermeier
- [SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307),
gerhard . klostermeier
- [SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks,
matthias . deeg
- [SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310),
gerhard . klostermeier
- WorldCIST'17 - Submission deadline: November 27,
ML
- [SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update,
Salvatore Bonaccorso
- [SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update,
Salvatore Bonaccorso
- Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic,
Jackie Blanco
- CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability,
Apache OpenOffice Security
- WorldCIST'2017 - Submission deadline: November 30,
ML
- Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow,
apparitionsec
- [SECURITY] [DSA 3725-1] icu security update,
Luciano Bello
- SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic,
SEC Consult Vulnerability Lab
- Google Chrome Accessibility blink::Node corruption details,
Berend-Jan Wever
- XSS in tooltip plugin of Zurb Foundation 5,
Winni Neessen
- [RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler,
RedTeam Pentesting GmbH