BugTraq Mode:
(Page 4 of 1720)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution 2017-06-19
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03758en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03758en_us

Version: 2

[ more ]  [ reply ]
Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting 2017-06-19
ghasseminia gmail com
# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia
# CVE ID: CVE-2016-6201

# PROOF OF CONCEPT

Vulnerable URL:
/WorkAre

[ more ]  [ reply ]
Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting 2017-06-19
ghasseminia gmail com
# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia
# CVE ID: CVE-2016-6133

# PROOF OF CONCEPT

Vulnerable URL:
/WorkArea

[ more ]  [ reply ]
Ektron Version 9.10SP1(Build 9.1.0.184) Cross Site Scripting 2017-06-19
ghasseminia gmail com
# Vulnerability type: Cross Site Scripting
# Vendor: Ektron
# Product: Ektron Content Management System
# Affected version: 9.10SP1(Build 9.1.0.184)
# Patched version: 9.1.0.184SP3(9.1.0.184.3.127)
# Credit: Siyavash Ghasseminia, Edmund Goh
# CVE ID: CVE-2016-6133

# PROOF OF CONCEPT

Vulnerable U

[ more ]  [ reply ]
ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station 2017-06-16
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2017-041: EMC VNX1 and VNX2 Family Multiple Vulnerabilities in VNX Control Station

EMC Identifier: ESA-2017-041

CVE Identifier: CVE-2017-4984, CVE-2017-4985, CVE-2017-4987

Severity Rating: CVSS v3 Base Score: See below for individual CV

[ more ]  [ reply ]
June 2017 - Bamboo - Critical Security Advisory 2017-06-16
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/KgwUNg .

CVE ID:

* CVE-2017-8907.

Product: Bamboo.

Affected Bamboo product versions:

5.0.0 <= version < 5.15.7
6.0.0 <= version < 6.0.1

Fixed Bamboo product version

[ more ]  [ reply ]
[security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege 2017-06-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03761en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03761en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3882-1] request-tracker4 security update 2017-06-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3882-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 15, 2017

[ more ]  [ reply ]
CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors 2017-06-15
dunstan pinto gmail com
CVE-2017-9613: Stored Cross-Site Scripting in SAP successfactors

Severity: High

Vendor: SAP

Versions Affected: SAP successfactors - Release build b1702p5e.1190658

Description: Stored Cross-site scripting (XSS) vulnerability in SAP Successfactors allows remote authenticated users to inject arbitr

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2017-165-02) 2017-06-15
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2017-165-02)

New mozilla-firefox packages are available for Slackware 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/

[ more ]  [ reply ]
[slackware-security] bind (SSA:2017-165-01) 2017-06-15
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2017-165-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
[SECURITY] [DSA 3881-1] firefox-esr security update 2017-06-14
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3881-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 14, 2017

[ more ]  [ reply ]
ESA-2017-043: EMC ESRS Virtual Edition Authentication Bypass Vulnerability 2017-06-14
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2017-043: EMC ESRS Virtual Edition Authentication Bypass Vulnerability

EMC Identifier: ESA-2017-043

CVE Identifier: CVE-2017-4986

Severity Rating: CVSS v3 Base Score: See below for individual scores of each CVE

Affected products:

E

[ more ]  [ reply ]
ESA-2017-031: RSA BSAFE® Cert-C Improper Certificate Processing Vulnerability 2017-06-14
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2017-031: RSA BSAFE® Cert-C Improper Certificate Processing Vulnerability

EMC Identifier: ESA-2017-031

CVE Identifier: CVE-2017-4981

Severity Rating: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)

Affected Products:

RSA BS

[ more ]  [ reply ]
[SECURITY] [DSA 3880-1] libgcrypt20 security update 2017-06-14
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3880-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 14, 2017

[ more ]  [ reply ]
Secunia Research: libsndfile "aiff_read_chanmap()" Information Disclosure Vulnerability 2017-06-13
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/06/09

libsndfile "aiff_read_chanmap()" Information Disclosure Vulnerability

==========================================================

[ more ]  [ reply ]
SEC Consult SA-20170613-0 :: Access Restriction Bypass in Atlassian Confluence 2017-06-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170613-0 >
=======================================================================
title: Access Restriction Bypass
product: Atlassian Confluence
vulnerable version: 4.3.0 - 6.1.1
fixed version: 6.2.1
CVE n

[ more ]  [ reply ]
Zenbership 1.0.8 CMS - Multiple SQL Injection Vulnerabilities 2017-06-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Zenbership 1.0.8 CMS - Multiple SQL Injection Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2073

Release Date:
=============
2017-06-09

Vulnerability Laboratory ID (VL-ID):
========================

[ more ]  [ reply ]
Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability 2017-06-12
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2075

Release Date:
=============
2017-06-07

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
[SECURITY] [DSA 3877-1] tor security update 2017-06-10
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3877-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
June 10, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03730 rev.2 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities 2017-06-09
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03730en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03730en_us

Version: 2

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3876-1] otrs2 security update 2017-06-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3876-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3875-1] libmwaw security update 2017-06-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3875-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
June 09, 2017

[ more ]  [ reply ]
[security bulletin] HPESBUX03759 rev.1 - HP-UX CIFS Sever using Samba, Multiple Remote Vulnerabilities 2017-06-09
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbux
03759en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbux03759en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBUX03747 rev.1 - HP-UX running BIND, Remote Denial of Service 2017-06-08
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbux
03747en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbux03747en_us

Version: 1

HP

[ more ]  [ reply ]
ESA-2017-064: RSA Identity Governance and Lifecycle Multiple Vulnerabilities 2017-06-08
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

EMC Identifier: EMC-2017-064

CVE Identifier: CVE-2017-5003, CVE-2017-5004

Severity Rating: CVSS v3 Base Score: Please view details below for individual CVE scores.

Affected Products:

?RSA Identity Governance and Lifecycle

[ more ]  [ reply ]
[SYSS-2017-018] OTRS - Access to Installation Dialog 2017-06-08
sebastian auwaerter syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2017-018
Product: OTRS
Manufacturer: OTRS
Affected Version(s): OTRS 5.0.x, OTRS 4.0.x, OTRS 3.3.x
Fixed Version(s): OTRS 5.0.20, OTRS 4.0.24, OTRS 3.3.17
Tested Version(s): 5.0.19
Vulnerability Type: Access to Installation Dialog
Ris

[ more ]  [ reply ]
[security bulletin] HPESBGN03758 rev.1 - HPE UCMDB, Remote Code Execution 2017-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03758en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03758en_us

Version: 1

HP

[ more ]  [ reply ]
CVE update - fixed in Apache Ranger 0.7.1 2017-06-07
Velmurugan Periasamy (vel apache org)
Hello:

Please find below details on CVEs fixed in Ranger 0.7.1 release. Release details can be found at https://cwiki.apache.org/confluence/display/RANGER/0.7.1+Release+-+Apach
e+Ranger

------------------------------------------------------------------------
----------------------------------------

[ more ]  [ reply ]
[security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS) 2017-06-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03757en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03757en_us

Version: 1

HP

[ more ]  [ reply ]
(Page 4 of 1720)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus