BugTraq
[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3988-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
September 30, 2017

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com
Advisory ID: SGMA17-002
Title: Mac OS X Local Javascript Quarantine Bypass
Product: Mac OS X
Version: 10.12, 10.11, 10.10 and probably prior
Vendor: apple.com
Type: DOM Based XSS
Risk level: 3 / 5
Credit

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3987-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
September 29, 2017

[SECURITY] [DSA 3986-1] ghostscript security update 2017-09-29
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3986-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
September 29, 2017

Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution CVE-2017-14084 (apparitionsec / hyp3rlinx) 2017-09-29
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro.com

Pr

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Start Remote Process Code Execution / DOS - INI Corruption CVE-2017-14086 (apparitionsec / hyp3rlinx) 2017-09-29
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14086-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-START-REMOTE-PROCESS-CODE-EXECUTION-MEM-CORRUPT.txt
[+] ISR: ApparitionSec

Vendor:
==================

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Encryption Key Disclosure CVE-2017-14083 (apparitionsec / hyp3rlinx) 2017-09-29
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14083-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-ENCRYPTION-KEY-DISCLOSURE.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Change Prevention Image File Execution Bypass (apparitionsec / hyp3rlinx) 2017-09-29
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro.com

Product:
========
Off

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Memory Corruption CVE-2017-14089 (apparitionsec / hyp3rlinx) 2017-09-29
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14089-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-MEMORY-CORRUPTION.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro.com

P

Mac OS X Local Javascript Quarantine Bypass 2017-09-29
Filippo Cavallarin (filippo cavallarin wearesegment com)
Advisory ID: SGMA17-002
Title: Mac OS X Local Javascript Quarantine Bypass
Product: Mac OS X
Version: 10.12, 10.11, 10.10 and probably prior
Vendor: apple.com
Type: DOM Based XSS
Risk level: 3 / 5
Credit

CVE-2017-14087 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14087-TRENDMICRO-OFFICESCAN-XG-HOST-HEADER-INJECTION.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro.com

Product:
===

[security bulletin] HPESBGN03773 rev.2 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-28
swpmb cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/km/KM02960811

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM02960811

Version: 2

HPESBGN03773 rev.2 - HPE Application Performan

CVE-2017-14084 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt
[+] ISR: ApparitionSec

Vendor:
==================
www.trendmicro.com

Pr

[CVE-2017-9538] Persistent Application Denial of Service 2017-09-29
andys3c gmail com
-------------------------------------------------------------
Vulnerability type: Persistent Application Denial of Service
-------------------------------------------------------------
Credit: Andy Tan
CVE ID: CVE-2017-9538
-----------------------------------------------
Product: SolarWinds Network

[CVE-2017-9537] Persistent Cross-Site Scripting Vulnerabilities 2017-09-29
andys3c gmail com
-------------------------------------------------------------
Vulnerability type: Persistent Cross-Site Scripting
-------------------------------------------------------------
Credit: Andy Tan
CVE ID: CVE-2017-9537
-----------------------------------------------
Product: SolarWinds Network Performan

Faleemi FSC-880 Multiple Security Vulnerabilities 2017-09-27
oleg iotsploit co
https://medium.com/iotsploit/faleemi-fsc-880-multiple-security-vulnerabilities-ed1d132c2cce

This camera has multiple security vulnerabilities, which can be exploited both locally and remotely. In particular, hardwired manufacturer DDNS and port-mapping to camera via upnp compatible router. Allowing

Bitdefender Total Security 2017 Unquoted Service Path Vulnerability 2017-09-27
wsachin092 gmail com
Vulnerability Title: Bitdefender Total Security 2017 Unquoted Service Path Vulnerability
Affected Product: Bitdefender Total Security 2017
Homepage: https://www.bitdefender.com/
Status: Fixed
Severity: Medium
Description:
Bitdefender Total Security suffers from an unquoted service path vulnerability

[SECURITY] [DSA 3984-1] git security update 2017-09-26
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3984-1 security (at) debian (dot) org
https://www.debian.org/security/ Florian Weimer
September 26, 2017

Qualys Security Advisory - Linux PIE/stack corruption (CVE-2017-1000253) 2017-09-26
Qualys Security Advisory (qsa qualys com)

Qualys Security Advisory

Linux PIE/stack corruption (CVE-2017-1000253)

========================================================================

Contents
========================================================================

Summary
Analysis
Exploitation
Acknowledgments

=====================

[security bulletin] HPESBGN03773 rev.1 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-25
swpmb cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/km/KM02960811

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM02960811

Version: 1

HPESBGN03773 rev.1 - HPE Application Performan

Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities (apparitionsec / hyp3rlinx) 2017-09-25
apparitionsec gmail com
[+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3391
[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MAKO-WEB-SERVER-MULTIPLE-UNAUTHENTICATED-VULNERABILIITIES-SECURITEAM.txt
[+] ISR: Appari

Kaltura - Remote Code Execution and Cross-Site Scripting 2017-09-24
robin verton telekom de
Telekom Security
security.telekom.com

Advisory: Kaltura - Remote Code Execution and Cross-Site Scripting
Release Date: 2017/09/12
Author: Robin Verton (robin.verton (at) telekom (dot) de)
CVE: CVE-2017-14141, CVE-2017-14142, CVE-2017-141

[slackware-security] libxml2 (SSA:2017-266-01) 2017-09-23
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libxml2 (SSA:2017-266-01)

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/pack

[SECURITY] [DSA 3983-1] samba security update 2017-09-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3983-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2017

APPLE-SA-2017-09-19-1 iOS 11 2017-09-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-09-19-1 iOS 11

iOS 11 is now available and addresses the following:

Exchange ActiveSync
Available for: iPhone 5s and later, iPad Air and later,
and iPod touch 6th generation
Impact: An attacker in a privileged network position may be

[slackware-security] httpd (SSA:2017-261-01) 2017-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] httpd (SSA:2017-261-01)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+------------------------

[slackware-security] libgcrypt (SSA:2017-261-02) 2017-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libgcrypt (SSA:2017-261-02)

New libgcrypt packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/lib

[slackware-security] ruby (SSA:2017-261-03) 2017-09-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ruby (SSA:2017-261-03)

New ruby packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/ruby-2.2.8-i58

Watchguard Fireware OS DOS & Stored XSS 2017-09-18
David Fernandez (david fdmv gmail com)
Watchguard's Firebox and XTM are a series of enterprise grade network
security appliances providing advanced security services like next
generation firewall, intrusion prevention, malware detection and
blockage and others. Two vulnerabilities were discovered affecting the
XML-RPC interface of the

[SECURITY] [DSA 3978-1] gdk-pixbuf security update 2017-09-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3978-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
September 18, 2017

Copyright 2010, SecurityFocus