Mail Thread Index

• Date Index

• [SECURITY] [DSA 3869-1] tnef security update, Sebastien Delafond
• [SECURITY] [DSA 3870-1] wordpress security update, Sebastien Delafond
• [SECURITY] [DSA 3873-1] perl security update, Salvatore Bonaccorso
• X41-2017-005 - Multiple Vulnerabilities in peplink balance routers, X41 D-Sec GmbH Advisories
• [security bulletin] HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information, security-alert
• [security bulletin] HPESBGN03752 rev.1 - HPE IceWall using OpenSSL, remote Denial of Service (DoS), security-alert
• Sophos Cyberoam Cross-site scripting (XSS) vulnerability, bhdresh
• Xavier v2.4 PHP MP - SQL Injection Web Vulnerabilities, Vulnerability Lab
• [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS), security-alert
• CVE update - fixed in Apache Ranger 0.7.1, Velmurugan Periasamy
• [security bulletin] HPESBGN03758 rev.1 - HPE UCMDB, Remote Code Execution, security-alert
• [SYSS-2017-018] OTRS - Access to Installation Dialog, sebastian . auwaerter
• ESA-2017-064: RSA Identity Governance and Lifecycle Multiple Vulnerabilities, EMC Product Security Response Center
• [security bulletin] HPESBUX03747 rev.1 - HP-UX running BIND, Remote Denial of Service, security-alert
• [security bulletin] HPESBUX03759 rev.1 - HP-UX CIFS Sever using Samba, Multiple Remote Vulnerabilities, security-alert
• [SECURITY] [DSA 3875-1] libmwaw security update, Moritz Muehlenhoff
• [SECURITY] [DSA 3876-1] otrs2 security update, Moritz Muehlenhoff
• [security bulletin] HPESBHF03730 rev.2 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities, security-alert
• [SECURITY] [DSA 3877-1] tor security update, Salvatore Bonaccorso
• Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability, Vulnerability Lab
• Zenbership 1.0.8 CMS - Multiple SQL Injection Vulnerabilities, Vulnerability Lab
• SEC Consult SA-20170613-0 :: Access Restriction Bypass in Atlassian Confluence, SEC Consult Vulnerability Lab
• Secunia Research: libsndfile "aiff_read_chanmap()" Information Disclosure Vulnerability, Secunia Research
• [SECURITY] [DSA 3880-1] libgcrypt20 security update, Salvatore Bonaccorso
• ESA-2017-031: RSA BSAFE® Cert-C Improper Certificate Processing Vulnerability, EMC Product Security Response Center
• ESA-2017-043: EMC ESRS Virtual Edition Authentication Bypass Vulnerability, EMC Product Security Response Center
• [SECURITY] [DSA 3881-1] firefox-esr security update, Moritz Muehlenhoff
• [slackware-security] bind (SSA:2017-165-01), Slackware Security Team
• [slackware-security] mozilla-firefox (SSA:2017-165-02), Slackware Security Team
• CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors, dunstan . pinto
• [SECURITY] [DSA 3882-1] request-tracker4 security update, Salvatore Bonaccorso
• [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege, security-alert
• June 2017 - Bamboo - Critical Security Advisory, Atlassian
• ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station, EMC Product Security Response Center
• Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting, ghasseminia
  • <Possible follow-ups>
  • Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting, ghasseminia
  • Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting, ghasseminia
• [security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution, HPE Product Security Response Team
• [SECURITY] [DSA 3887-1] glibc security update, Moritz Muehlenhoff
• [SECURITY] [DSA 3886-1] linux security update, Salvatore Bonaccorso
• CVE-2017-7659: mod_http2 null pointer dereference, Jim Jagielski
• CVE-2017-3167: Apache httpd 2.x ap_get_basic_auth_pw authentication bypass, Jacob Champion
• ESA-2017-054: EMC Avamar Multiple Vulnerabilities, EMC Product Security Response Center
• ESA-2017-053: EMC Isilon OneFS Privilege Escalation Vulnerability, EMC Product Security Response Center
• [SECURITY] [DSA 3890-1] spip security update, Salvatore Bonaccorso
• Sitecore 7.1-7.2 Cross Site Scripting Vulnerability, hamedizadi
• [slackware-security] openvpn (SSA:2017-172-01), Slackware Security Team
• [SECURITY] [DSA 3893-1] jython security update, Salvatore Bonaccorso
• [CVE-2017-8813] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c, wpengfeinudt
• [CVE-2017-8831] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c, wpengfeinudt
  • <Possible follow-ups>
  • [CVE-2017-8831] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c, wpengfeinudt
• Microsoft Skype v7.2, v7.35 & v7.36 - Stack Buffer Overflow Vulnerability, Vulnerability Lab
• DefenseCode Security Advisory: IBM DB2 Command Line Processor Buffer Overflow, DefenseCode
• [slackware-security] kernel (SSA:2017-177-01), Slackware Security Team
• [SECURITY] [DSA 3899-1] vlc security update, Salvatore Bonaccorso
• [SECURITY] [DSA 3886-2] linux regression update, Salvatore Bonaccorso
• [SECURITY] [DSA 3900-1] openvpn security update, Sebastien Delafond
• ESA-2017-062: VASA Provider Virtual Appliance Remote Code Execution Vulnerability, EMC Product Security Response Center
• SEC Consult SA-20170630-0 :: Multiple critical vulnerabilities in OSCI-Transport library 1.2 for German e-Government, SEC Consult Vulnerability Lab