BugTraq Mode:
(Page 4 of 1709)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability 2017-02-16
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability

Title: Trendmicro InterScan Remote Root Access Vulnerability
Advisory ID: KL-001-2017-003
Publication Date: 2017.02.15
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-003.txt

1. Vulnerability Detai

[ more ]  [ reply ]
KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write 2017-02-16
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write

Title: Trendmicro InterScan Arbitrary File Write
Advisory ID: KL-001-2017-001
Publication Date: 2017.02.15
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-001.txt

1. Vulnerability Details

Affected Vendor

[ more ]  [ reply ]
Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability 2017-02-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20170215-ucs

Revision 1.0

For Public Release 2017 February 15 16:00 UTC (GMT)

+--------------------------------------------------------------------

[ more ]  [ reply ]
CVE-2017-5585: SQL injection in OpenText Documentum Content Server 7.3 (PostgreSQL builds only) 2017-02-15
Andrey B. Panfilov (andrew panfilov tel)
CVE Identifier: CVE-2017-5585
Vendor: OpenText
Affected products: OpenText Documentum Content Server 7.3 (PostgreSQL builds only)
Researcher: Andrey B. Panfilov
Severity Rating: CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available

Description:

Previously announced fix

[ more ]  [ reply ]
Advisory X41-2017-002: Multiple Vulnerabilities in ytnef 2017-02-15
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

X41 D-Sec GmbH Security Advisory: X41-2017-002

Multiple Vulnerabilities in ytnef
=================================

Overview
--------
Severity Rating: High
Confirmed Affected Versions: 1.9 and earlier
Confirmed Patched Versions: 1.9.1
Vendor: Yerase
Vendor URL: https://github.com/Yeraze/ytnef
Vect

[ more ]  [ reply ]
CVE-2017-5586: Remote code execution in OpenText Documentum D2 2017-02-15
Andrey B. Panfilov (andrew panfilov tel)
CVE Identifier: CVE-2017-5586
Vendor: OpenText
Affected products: Documentum D2 version 4.x
Researcher: Andrey B. Panfilov
Severity Rating: CVSS v3 Base Score: 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Description: Document D2 contains vulnerable BeanShell (bsh) and Apache Commons libraries and acc

[ more ]  [ reply ]
[security bulletin] HPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using OpenSSL, Remote Unauthorized Disclosure of Information 2017-02-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053908
93

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05390893

Version: 1

HPESBHF03703 rev.1

[ more ]  [ reply ]
Cisco Security Response: Cisco Smart Install Protocol Misuse 2017-02-14
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Response: Cisco Smart Install Protocol Misuse

Response ID: cisco-sr-20170214-smi

Revision 1.0

For Public Release 2017 February 14 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

[ more ]  [ reply ]
[security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information 2017-02-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053908
49

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05390849

Version: 1

HPESBGN03697 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBMU03691 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities 2017-02-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053907
22

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05390722

Version: 1

HPSBMU03691 rev.1

[ more ]  [ reply ]
[SECURITY] [DSA 3788-1] tomcat8 security update 2017-02-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3788-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3787-1] tomcat7 security update 2017-02-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3787-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3786-1] vim security update 2017-02-13
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3786-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2017

[ more ]  [ reply ]
[security bulletin] HPESBGN03698 rev.1 - HPE DDMi using OpenSSL, Remote Arbitrary Code Execution, Bypass Security Restrictions, Denial of Service (DoS) 2017-02-11
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053868
04

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05386804

Version: 1

HPESBGN03698 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBMU03692 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-02-11
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053856
80

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05385680

Version: 1

HPSBMU03692 rev.1

[ more ]  [ reply ]
[slackware-security] tcpdump (SSA:2017-041-04) 2017-02-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] tcpdump (SSA:2017-041-04)

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix security issues.

NOTE: These updates also require the updated libpcap package.

Here are the details from t

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2017-041-02) 2017-02-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2017-041-02)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-

[ more ]  [ reply ]
[security bulletin] HPESBHF03704 rev.1 - HPE OfficeConnect Network Switches, Local Unauthorized Data Modification 2017-02-10
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053889
48

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05388948

Version: 1

HPESBHF03704 rev.1

[ more ]  [ reply ]
[security bulletin] HPESBNS03702 rev.1 - HPE NonStop OSS Core Utilities with Bash Shell, Local Arbitrary Command Execution, Elevation of Privilege 2017-02-09
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053881
15

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05388115

Version: 1

HPESBNS03702 rev.1

[ more ]  [ reply ]
[SECURITY] [DSA 3784-1] viewvc security update 2017-02-09
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3784-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
February 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3783-1] php5 security update 2017-02-09
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3783-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
February 08, 2017

[ more ]  [ reply ]
TP-Link C2 and C20i vulnerable to command injection (authenticated root RCE), DoS, improper firewall rules 2017-02-08
Pierre Kim (pierre kim sec gmail com)
Hello,

Please find a text-only version below sent to security mailing lists.

The HTML version on "Vulnerabilities found in TP-Link C2 and C20i" is
posted here:
https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerabl
e.html

=== text-version of the advisory ===

-----BEGIN PGP

[ more ]  [ reply ]
[SECURITY] [DSA 3782-1] openjdk-7 security update 2017-02-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3782-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 08, 2017

[ more ]  [ reply ]
[slackware-security] php (SSA:2017-041-03) 2017-02-10
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2017-041-03)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2017-0002 2017-02-10
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2017-0002
------------------------------------------------------------------------

Date reported : February 10, 2017
Advisory ID : WSA-2017-0002
Adviso

[ more ]  [ reply ]
Authentication bypass vulnerability in Western Digital My Cloud 2017-02-08
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Authentication bypass vulnerability in Western Digital My Cloud
------------------------------------------------------------------------

Remco Vermeulen, Januari 2017

-----------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability 2017-02-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability

Advisory ID: cisco-sa-20170208-asa

Revision 1.0

For Public Release 2017 February 8 16:00 GMT (UTC)

+----------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability 2017-02-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability

Advisory ID: cisco-sa-20170208-anyconnect

Revision 1.0

For Public Release 2017 February 8 16:00 GMT (UTC)

+--------------------

[ more ]  [ reply ]
ESA-2017-001: EMC Isilon InsightIQ Authentication Bypass Vulnerability 2017-02-07
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2017-001: EMC Isilon InsightIQ Authentication Bypass Vulnerability

EMC Identifier: ESA-2017-001

CVE Identifier: CVE-2017-2765

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected products:

?

[ more ]  [ reply ]
SEC Consult SA-20170207 :: Path Traversal, Backdoor accounts & KNX group address password bypass in JUNG Smart Visu server 2017-02-07
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170207-0 >
=======================================================================
title: Path Traversal, Backdoor accounts & KNX group address
password bypass
product: JUNG Smart Visu Server
vulnerab

[ more ]  [ reply ]
(Page 4 of 1709)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus