Mail Index
- Multiple local privilege escalation vulnerabilities in HideMyAss Pro VPN client v2.x for OS X
- SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options
- IML 2017 Conference, ACM digital library proceedings, Venue: Liverpool John Moores University, United Kingdom
- From: IML 2017 Conference
- [security bulletin] HPESBHF03741 rev.1 - HPE Network products including Comware 7, IMC, and VCX running OpenSSL, Local Unauthorized Disclosure of Information, Remote Denial of Service (DoS), Unauthorized Disclosure of Information
- MODX Revolution 2.0.1-pl - 2.5.6-pl blind SQLi
- [SECURITY] [DSA 3842-1] tomcat7 security update
- [SECURITY] [DSA 3843-1] tomcat8 security update
- Mura CMS Cross-Site Scripting (XSS) Vulnerability
- Hola VPN v1.34 - Privilege Escalation Vulnerability
- Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability
- Super File Explorer 1.0.1 - Arbitrary File Upload Vulnerability
- Arachni v1.5-0.5.11 - Persistent Cross Site Vulnerability
- Zenario v7.6 - Persistent Cross Site Scripting Vulnerability
- Zenario CMS v7.6 - (Delete) Persistent Cross Site Vulnerability
- ESA-2017-036: EMC Data Domain Privilege Escalation Vulnerability
- From: EMC Product Security Response Center
- WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day) [CVE-2017-8295]
- [security bulletin] HPESBGN03740 rev.1 - HPE Network Automation, Multiple Remote Vulnerabilities
- [security bulletin] HPESBHF03736 rev.1 - HPE Aruba and HPE ProVision network switches using Diffie Hellman Group1 Sha1 Exchange Algorithm, Remote Disclosure of Information
- CA20170504-01: Security Notice for CA Client Automation OS Installation Management
- ESA-2017-035: EMC Mainframe Enablers ResourcePak Base privilege management vulnerability
- From: EMC Product Security Response Center
- [SECURITY] [DSA 3845-1] libtirpc security update
- [SECURITY] [DSA 3846-1] libytnef security update
- SEC Consult SA-20170509-0 :: Multiple vulnerabilities in I, Librarian PDF manager
- From: SEC Consult Vulnerability Lab
- CVE-2016-6799: Internal system information leak
- [security bulletin] HPESBST03739 rev.1 - HPE StoreFabric B-series Switches, Remote Elevation of Privilege
- [SECURITY] [DSA 3847-1] xen security update
- Multiple Vulnerabilities in ASUS Routers [CVE-2017-5891 and CVE-2017-5892]
- From: Nightwatch Cybersecurity Research
- [SECURITY] [DSA 3848-1] git security update
- From: Salvatore Bonaccorso
- SEC Consult SA-20170510-0 :: Insecure Handling Of URI Schemes in Microsoft OneDrive iOS App
- From: SEC Consult Vulnerability Lab
- [CORE-2017-0001] - SAP SAPCAR Heap Based Buffer Overflow Vulnerability
- From: Core Security Advisories Team
- ESA-2017-027: EMC Isilon OneFS NFS Export Upgrade Vulnerability
- From: EMC Product Security Response Center
- ESA-2017-017: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability
- From: EMC Product Security Response Center
- DefenseCode ThunderScan SAST Advisory: WordPress Tracking Code Manager Plugin Multiple Security Vulnerabilities
- DefenseCode WebScanner DAST Advisory: WordPress User Access Manager Plugin Security Vulnerability
- SEC Consult SA-20170511-0 :: Stack-based buffer overflow vulnerability in Guidance Software EnCase Forensic Imager
- From: SEC Consult Vulnerability Lab
- DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities
- [security bulletin] HPESBHF03745 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
- Secunia Research: LibRaw "parse_tiff_ifd()" Memory Corruption Vulnerability
- Secunia Research: FLAC "read_metadata_vorbiscomment_()" Memory Leak Denial of Service Vulnerability
- [SECURITY] [DSA 3853-1] bitlbee security update
- APPLE-SA-2017-05-15-4 watchOS 3.2.1
- From: Apple Product Security
- APPLE-SA-2017-05-15-6 iTunes 12.6.1
- From: Apple Product Security
- Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages
- [SYSS-2017-010] HP Wireless Mouse: Spoofing Attack (CWE-345)
- [slackware-security] kdelibs (SSA:2017-136-02)
- From: Slackware Security Team
- PingID (MFA) - Reflected Cross-Site Scripting
- [SECURITY] [DSA 3856-1] deluge security update
- [security bulletin] HPESBGN03748 rev.1 - HPE Cloud Optimizer, Remote Disclosure of Information
- [SECURITY] CVE-2017-5657: Apache Archiva CSRF vulnerability for REST endpoints
- [SECURITY] [DSA 3858-1] openjdk-7 security update
- CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal
- May 2017 - SourceTree - Critical Security Advisory
- CVE-2017-9046 Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection
- CVE-2017-9046 Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution
- CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal
- HPESBHF03744 rev.1 - HPE Intelligent Management Center (iMC) PLAT running OpenSSL, Remote Denial of Service (DoS)
- From: HPE Product Security Response Team
- Secunia Research: Microsoft Windows Heap-based Buffer Overflow Vulnerabilities
- [SECURITY] [DSA 3861-1] libtasn1-6 security update
- DefenseCode ThunderScan SAST Advisory: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability
- DefenseCode ThunderScan SAST Advisory: WordPress Huge-IT Video Gallery Plugin Security Vulnerability
- DefenseCode ThunderScan SAST Advisory: WordPress AffiliateWP Plugin Security Vulnerability
- [security bulletin] HPESBHF03751 rev.1 - HPE Aruba AirWave Glass, Remote Code Execution
- [slackware-security] samba (SSA:2017-144-01)
- From: Slackware Security Team
- WebKitGTK+ Security Advisory WSA-2017-0004
- From: Carlos Alberto Lopez Perez
- [security bulletin] HPESBHF03746 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
- From: HPE Product Security Response Team
- [SECURITY] [DSA 3863-1] imagemagick security update
- [security bulletin] HPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and VCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification, Local Denial of Service (DoS)
- [security bulletin] HPESBHF03754 rev.1 - HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor, Remote Access Restriction Bypass
- [security bulletin] HPESBHF03730 rev.1 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities
- Wordpress Plugin Social-Stream - Exposure of Twitter API Secret Key and Token
- Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11
- [SECURITY] [DSA 3865-1] mosquitto security update
- [SECURITY] [DSA 3866-1] strongswan security update
- [SECURITY] [DSA 3867-1] sudo security update
- From: Salvatore Bonaccorso
- DefenseCode ThunderScan SAST Advisory: WordPress Simple Slideshow Manager Plugin Multiple Security Vulnerabilities
- [CVE-2017-5688] Executable installers are vulnerable^WEVIL (case 52): Intel installation framework allows arbitrary code execution with escalation of privilege