CVE-2015-1730: MSIE jscript9 JavaScriptStackWalker memory corruption details and PoC
2016-12-06 Berend-Jan Wever (berendj nwever nl)

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption
2016-12-06 Berend-Jan Wever (berendj nwever nl)
FYI: this link to my blog was 404 until early this morning. It is now up if you are still interested in reading it.
On 05-12-2016 11:55, Berend-Jan Wever wrote:
> Since November I have been releasing details on all vulnerabilities I
> found in web-browsers that I had not released before. I will try

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used
2016-12-05 Eissing Stefan (stefan eissing gmail com)

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity
2016-12-04 apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt
[+] ISR: ApparitionSec
Vendor:
=================
www.microsoft.com
Product:
==========================
Windows Sys

Microsoft Windows Media Center "ehshell.exe" XML External Entity
2016-12-04 apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt
[+] ISR: ApparitionSec
Vendor:
==================
www.microsoft.com
Product:
===========================

[slackware-security] mozilla-firefox (SSA:2016-336-01)
2016-12-01 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] mozilla-firefox (SSA:2016-336-01)
New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection
2016-11-30 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05324759
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05324759
Version: 3
HPSBUX03665 rev.3

[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege
2016-11-30 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05347541
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05347541
Version: 1
HPSBGN03680 rev.1

[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution
2016-11-30 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05344849
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05344849
Version: 1
HPSBGN03677 rev.1

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues
2016-11-30 FOXMOLE Advisories (advisories foxmole com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=== FOXMOLE - Security Advisory 2016-05-02 ===
e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Affected Versions
=================
e107 2.1.2 Bootstrap CMS
Issue Overview
==============

[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access
2016-11-30 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05341463
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05341463
Version: 1
HPSBHF03682 rev.1

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler
2016-11-30 RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler
RedTeam Pentesting discovered behaviour in the Less.js compiler, which allows execution of arbitrary code if an untrusted LESS file is compiled.
Details
=======
Produc

XSS in tooltip plugin of Zurb Foundation 5
2016-11-29 Winni Neessen (winni insecure so)
XSS vulnerability in the tooltip plugin of Zurb Foundation 5.x
=============================================================
URL to this advisory: https://nop.li/foundation5tooltipxss
Vendor
======
http://zurb.com/
Product
=======
(Taken from http://foundation.zurb.com/sites/docs/v/5.5.3/)
Foundat

Google Chrome Accessibility blink::Node corruption details
2016-11-29 Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the twenty-first entry in that series.
Unfortunately I won't be able to publish everything within one month at the current rate, so I may continue to publish these throug

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic
2016-11-28 SEC Consult Vulnerability Lab (research sec-consult com)

Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow
2016-11-27 apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFFER-OVERFLOW.txt
[+] ISR: ApparitionSec
Vendor:
===============
www.coreftp.com
Product:
========================
Core FTP LE (clie

WorldCIST'2017 - Submission deadline: November 30
2016-11-26 ML (marialemos72 gmail com)
* Best papers published in several SCI/SSCI-indexed journals
** Proceedings by Springer, indexed by ISI, Scopus, DBLP, EI-Compendex, etc.
---------------------------------------------------------------------------------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Po

CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability
2016-11-25 Apache OpenOffice Security (orcmid apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
CVE-2016-6803 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6803>
Apache OpenOffice Advisory <https://www.openoffice.org/security/cves/CVE-2016-6803.html>
Title: Windows Installer Can Enable Privileged Trojan Execution
Version 1.0
Announced O

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic
2016-11-25 Jackie Blanco (jackie sdiwc info)
*********************************************************************
Call for Participation
CyberSec2017: The Fifth International Conference on Cyber Security, Cyber Welfare and Digital Forensic
22-24 April 2017, St. Mary's University, Addis Ababa, Ethiopia
https://goo.gl/mbDr7F
**************

[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update
2016-11-24 Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update
2016-11-24 Salvatore Bonaccorso (carnil debian org)

WorldCIST'17 - Submission deadline: November 27
2016-11-24 ML (marialemos72 gmail com)
* Best papers published in SCI/SSCI-indexed journals
** Proceedings by Springer, indexed in ISI, Scopus, DBLP, EI-Compendex, etc.
---------------------------------------------------------------------------------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Porto Sant

[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310)
2016-11-24 gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution St

[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks
2016-11-24 matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Advisory ID: SYSS-2016-071
Product: Smart GSM Alarm SA 2500 Kit
Manufacturer: Blaupunkt
Affected Version(s): v1.0
Tested Version(s): v1.0
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufactur

[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307)
2016-11-24 gerhard klostermeier syss de

[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks
2016-11-24 gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Advisory ID: SYSS-2016-066
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution S

[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition
2016-11-24 Dawid Golunski (dawid legalhackers com)
Vulnerability: GNU Wget < 1.18 Access List Bypass / Race Condition
CVE-2016-7098
Discovered by: Dawid Golunski (@dawid_golunski) https://legalhackers.com
Severity: Medium
GNU wget in version 1.17 and earlier, when used in mirroring/recursive mode, is affected by a Race Condition vulnerability th

[security bulletin] HPSBHF03673 rev.1 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Multiple Remote Vulnerabilities
2016-11-23 security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05336888
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05336888
Version: 1
HPSBHF03673 rev.1
found in web-browsers that I had not released before. I will try to
continue to publish all my old vulnerabilities, including those not in
web-browser, as long as I can find some time to do so. If you find this
information useful,