BugTraq Mode:
(Page 3 of 1727)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06
Advisories (advisories compass-security com)
##################################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/en/research/advisories/
#
##################################################################
#
# Product: iText PDF Library
# Vendor: iText Group
# CVE ID: CVE-2017-909

[ more ]  [ reply ]
Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05
ML (marialemos72 gmail com)

* Proceedings by Springer

** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals

------------------------------------------------------------------------
---------------------------
WorldCist'18 - 6th World Conference on Information Systems and Technologies

[ more ]  [ reply ]
Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec) 2017-11-05
apparitionsec gmail com
[+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3430
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/WEBMIN-v1.850-REMOTE-COMMAND-
EXECUTION.txt
[+] ISR: ApparitionSec

Vulner

[ more ]  [ reply ]
[SECURITY] [DSA 4019-1] imagemagick security update 2017-11-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4019-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 05, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4016-1] irssi security update 2017-11-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4016-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 03, 2017

[ more ]  [ reply ]
KL-001-2017-022 : Splunk Local Privilege Escalation 2017-11-03
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-022 : Splunk Local Privilege Escalation

Title: Splunk Local Privilege Escalation
Advisory ID: KL-001-2017-022
Publication Date: 2017.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt

1. Vulnerability Details

Affected Vendor: Splunk
Af

[ more ]  [ reply ]
[SECURITY] [DSA 4015-1] openjdk-8 security update 2017-11-02
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4015-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 02, 2017

[ more ]  [ reply ]
APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows

iTunes 12.7.1 for Windows is now available and addresses the
following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution

[ more ]  [ reply ]
APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-11
Additional information for APPLE-SA-2017-09-20-3 tvOS 11

tvOS 11 addresses the following:

802.1X
Available for: Apple TV (4th generation)
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protocol

[ more ]  [ reply ]
APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1,
Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan

macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security
Update 2017-004 El Capitan are now available and address the
fo

[ more ]  [ reply ]
APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-12
Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4

macOS Server 5.4 addresses the following:

FreeRadius
Available for: macOS High Sierra 10.13
Impact: Multiple issues in FreeRADIUS
Description: Multiple issues

[ more ]  [ reply ]
APPLE-SA-2017-10-31-3 tvOS 11.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-3 tvOS 11.1

tvOS 11.1 is now available and addresses the following:

CoreText
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termin

[ more ]  [ reply ]
APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-10
Additional information for APPLE-SA-2017-09-20-2 watchOS 4

watchOS 4 addresses the following:

802.1X
Available for: All Apple Watch models
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protoco

[ more ]  [ reply ]
APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-7 iCloud for Windows 7.1

iCloud for Windows 7.1 is now available and addresses the following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Descr

[ more ]  [ reply ]
APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-9
Additional information for APPLE-SA-2017-09-19-1 iOS 11

iOS 11 addresses the following:

802.1X
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit wea

[ more ]  [ reply ]
APPLE-SA-2017-10-31-4 watchOS 4.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-4 watchOS 4.1

watchOS 4.1 is now available and addresses the following:

CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Descripti

[ more ]  [ reply ]
[security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities 2017-10-30
HPE Product Security Response Team (security-alert hpe com)
-----Original Message-----

From: security-alert (at) hpe (dot) com [email concealed] [mailto:security-alert (at) hpe (dot) com [email concealed]]

Sent: Tuesday, October 17, 2017 3:27 PM

Subject: [security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----

Hash

[ more ]  [ reply ]
[SECURITY] [DSA 4009-1] shadowsocks-libev security update 2017-10-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4009-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 29, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4012-1] libav security update 2017-10-30
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4012-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 31, 2017

[ more ]  [ reply ]
[slackware-security] wget (SSA:2017-300-02) 2017-10-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] wget (SSA:2017-300-02)

New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
[security bulletin] HPESBHF03787 rev.1 - Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution 2017-10-27
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03787en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03787en_us

Version: 1

HP

[ more ]  [ reply ]
[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27
e-matters Security (security e-matters de)
e-matters GmbH
www.e-matters.de

-= Security Advisory =-

Advisory: Remote Compromise/DOS Vulnerability in PHP
Release Date: 2002/07/22
Last Modified: 2002/07/22
Author: Stefan Esser [s.esser (at) e-matters (dot) de [email concealed]]

[ more ]  [ reply ]
Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26
VSR Advisories (advisories vsecurity com)

                   Virtual Security Research, LLC.
                      https://www.vsecurity.com/
                          Security Advisory

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=

Advisory

[ more ]  [ reply ]
October 2017 - Bamboo - Critical Security Advisory 2017-10-26
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/EZ-1Nw .

CVE ID:

* CVE-2017-9514.

Product: Bamboo.

Affected Bamboo product versions:

6.0.0 <= version < 6.0.5
6.1.0 <= version < 6.1.4
6.2.0 <= version < 6.2.1

Fixe

[ more ]  [ reply ]
KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions

Title: Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions
Advisory ID: KL-001-2017-020
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advis

[ more ]  [ reply ]
KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation

Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation
Advisory ID: KL-001-2017-017
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-01

[ more ]  [ reply ]
[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4006-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/
October 24, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03779en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03779en_us

Version: 1

[ more ]  [ reply ]
[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4003-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
October 19, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4002-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
October 19, 2017

[ more ]  [ reply ]
(Page 3 of 1727)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus