Mail Index
- Microsoft Dynamic CRM 2016 - Cross-Site Scripting vulnerability
- [slackware-security] kernel (SSA:2017-181-02)
- From: Slackware Security Team
- [slackware-security] glibc (SSA:2017-181-01)
- From: Slackware Security Team
- InsomniaX loader allows loading of arbitrary Kernel Extensions
- [CVE-2017-9313] Webmin 1.840 Multiple XSS Vulnerabilities
- [SECURITY] [DSA 3901-1] libgcrypt20 security update
- From: Salvatore Bonaccorso
- [slackware-security] Slackware 14.0 kernel (SSA:2017-184-01)
- From: Slackware Security Team
- [security bulletin] HPSBMU02933 rev.3 - HPE SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS)
- From: HPE Product Security Response Team
- [SECURITY] [DSA 3902-1] jabberd2 security update
- From: Salvatore Bonaccorso
- [SECURITY] [DSA 3903-1] tiff security update
- KL-001-2017-011 : Barracuda WAF Internal Development Credential Disclosure
- From: KoreLogic Disclosures
- KL-001-2017-012 : Barracuda WAF Grub Password Complexity
- From: KoreLogic Disclosures
- KL-001-2017-014 : Barracuda WAF Support Tunnel Hijack
- From: KoreLogic Disclosures
- KL-001-2017-015 : Solarwinds LEM Hardcoded Credentials
- From: KoreLogic Disclosures
- Firefox v54.0.1 Denial Of Service
- [SYSS-2017-011] Office 365: Insufficient Session Expiration (CWE-613)
- [ANNOUNCE] [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr
- From: Shalin Shekhar Mangar
- CVE-2017-10974 Yaws Web Server v1.91 Unauthenticated Remote File Disclosure
- [slackware-security] php (SSA:2017-188-01)
- From: Slackware Security Team
- [SECURITY] [DSA 3904-1] bind9 security update
- [SECURITY] [DSA 3905-1] xorg-server security update
- [slackware-security] irssi (SSA:2017-190-01)
- From: Slackware Security Team
- ToorCon 19 Call For Papers Closing This Week!
- [SECURITY] CVE-2017-5652 Apache Impala (incubating) Information Disclosure
- CVE-2017-5640 Apache Impala (incubating) Information Disclosure
- [security bulletin] HPESBNS03755 rev.1 - HPE NonStop Server using Samba, Multiple Remote Vulnerabilities
- From: HPE Product Security Response Team
- [security bulletin] HPESBHF03745 rev.2 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
- From: HPE Product Security Response Team
- [security bulletin] HPESBGN03762 rev.1 - HPE Network Node Manager i (NNMi) Software, Remote Bypass Security Restrictions, Cross-Site Scripting (XSS), URL Redirection
- From: HPE Product Security Response Team
- [security bulletin] HPESBGN03763 rev.1 - HPE SiteScope, Disclosure of Sensitive Information, Bypass Security Restriction, Remote Arbitrary Code Execution
- From: HPE Product Security Response Team
- CVE-2017-4918: Code Injection in VMware Horizon’s macOS Client
- [RT-SA-2017-011] Remote Command Execution in PDNS Manager
- From: RedTeam Pentesting GmbH
- [CVE request]linux kernel xfrm migrate out-of-bound access
- SEC Consult SA-20170712-0 :: Multiple critical vulnerabilities in AGFEO smart home ES 5xx/6xx products
- From: SEC Consult Vulnerability Lab
- [SECURITY] [DSA 3908-1] nginx security update
- CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest
- CVE-2017-7664 - Apache OpenMeetings - Missing XML Validation
- CVE-2017-7663 - Apache OpenMeetings - XSS in chat
- CVE-2017-7684 - Apache OpenMeetings - Insecure File Upload
- CVE-2017-7688 - Apache OpenMeetings - Insecure Password Update
- [CVE-2017-7728] - Authentication Bypass allows alarm's commands execution in iSmartAlarm
- [SECURITY] [DSA 3914-1] imagemagick security update
- APPLE-SA-2017-07-19-4 tvOS 10.2.2
- From: Apple Product Security
- APPLE-SA-2017-07-19-6 iTunes 12.6.2
- From: Apple Product Security
- APPLE-SA-2017-07-19-1 iOS 10.3.3
- From: Apple Product Security
- APPLE-SA-2017-07-19-3 watchOS 3.2.2
- From: Apple Product Security
- APPLE-SA-2017-07-19-2 macOS 10.12.6
- From: Apple Product Security
- APPLE-SA-2017-07-19-5 Safari 10.1.2
- From: Apple Product Security
- APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2
- From: Apple Product Security
- Directory Traversal vulnerability in Integration Gateway (PSIGW)
- Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft)
- File Upload in Integration Gateway (PSIGW)
- [security bulletin] HPESBHF03766 rev.1 - HPE ConvergedSystem 700 Solution with Comware v5 Switches using NTP, Remote Denial of Service (DoS), Unauthorized Modification and Local Denial of Service (DoS)
- [security bulletin] HPESBHF03745 rev.3 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
- [slackware-security] seamonkey (SSA:2017-202-01)
- From: Slackware Security Team
- [SECURITY] [DSA 3917-1] catdoc security update
- From: Salvatore Bonaccorso
- [RT-SA-2017-004] Unauthenticated Arbitrary File Disclosure in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-007] Undocumented Administrative Service Account in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-003] Cross-Site Scripting in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-009] Remote Command Execution as root in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-005] Unauthenticated Extraction of Session-IDs in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-008] Unauthenticated Access to Diagnostic Functions in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- [RT-SA-2017-006] Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance
- From: RedTeam Pentesting GmbH
- SEC Consult SA-20170724-1 :: Open Redirect issue in multiple Ubiquiti Networks products
- From: SEC Consult Vulnerability Lab
- SEC Consult SA-20170724-0 :: Cross-Site Scripting (XSS) issue in multiple Ubiquiti Networks products
- From: SEC Consult Vulnerability Lab
- [slackware-security] tcpdump (SSA:2017-205-01)
- From: Slackware Security Team
- [SECURITY] [DSA 3920-1] qemu security update
- [SECURITY] [DSA 3919-1] openjdk-8 security update
- [security bulletin] HPESBHF03765 rev.1 - HPE ConvergedSystem 700 Solution with Comware v7 Switches using OpenSSL, Remote Denial of Service (DoS) and Disclosure of Sensitive Information
- From: HPE Product Security Response Team
- FortiOS <= 5.6.0 Multiple XSS Vulnerabilities