|
|
Colapse all |
Post message
[security bulletin] HPSBGN03633 rev.1 - HPE Release Control, Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access to Files or Server-Side Request Forgery(SSRF) 2016-08-03 security-alert hpe com Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability 2016-08-03 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160803-rv180_2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +---------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability 2016-08-03 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160803-rv180_1 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +------------------------ [ more ] [ reply ] Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability 2016-08-03 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability Advisory ID: cisco-sa-20160803-rv110_130w2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +--------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability 2016-08-03 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160803-ucm Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +----------- [ more ] [ reply ] [SECURITY] [DSA 3639-1] wordpress security update 2016-08-03 Salvatore Bonaccorso (carnil debian org) WorldCIST'17 - Call for Workshops Proposals; Deadline: September 5 2016-08-03 Maria Lemos (marialemos72 gmail com) -- ----- --------- WorldCIST'17 - 5th World Conference on Information Systems and Technologies Porto Santo Island, Madeira, Portugal 11th-13th of April 2017 http://www.worldcist.org/ ------------------------------------------- WORKSHOP FORMAT The Information Systems and Technologies research and [ more ] [ reply ] Arbitrary File Content Disclosure in Atutor 2016-08-02 High-Tech Bridge Security Research (advisory htbridge ch) Advisory ID: HTB23297 Product: Atutor Vendor: Atutor Vulnerable Version(s): 2.2.1 and probably prior Tested Version: 2.2.1 Advisory Publication: February 24, 2016 [without technical details] Vendor Notification: February 24, 2016 Vendor Patch: July 1, 2016 Public Disclosure: August 2, 2016 Vuln [ more ] [ reply ] Cross-Site Scripting in WangGuard WordPress Plugin 2016-08-02 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting in WangGuard WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016 ------------------------------------------------------------------------ Abst [ more ] [ reply ] Cross-Site Scripting in Uji Countdown WordPress Plugin 2016-08-02 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting in Uji Countdown WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016 ------------------------------------------------------------------------ [ more ] [ reply ] WinSaber - Unquoted Service Path Privilege Escalation 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== WinSaber - Unquoted Service Path Privilege Escalation References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1879 Release Date: ============= 2016-07-29 Vulnerability Laboratory ID (VL-ID): ================================= [ more ] [ reply ] Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1882 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID (VL-ID): ============================ [ more ] [ reply ] Docebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Docebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1888 Video: http://www.vulnerability-lab.com/get_content.php?id=1892 Release Date: =========== [ more ] [ reply ] Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1891 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID (VL-ID): ========================== [ more ] [ reply ] Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1887 Release Date: ============= 2016-07-29 Vulnerability Laboratory ID (VL-ID): ============== [ more ] [ reply ] FortiManager (Series) - Multiple Web Vulnerabilities 2016-08-02 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== FortiManager (Series) - Multiple Web Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1684 Fortinet PSIRT ID: 1624459 Release Notes 1: http://docs.fortinet.com/uploaded/files/2910/fortimanager-v5.4.0-rel [ more ] [ reply ] [security bulletin] HPSBGN03564 rev.2 - HPE Release Control using Java Deserialization, Remote Code Execution 2016-08-01 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c05063986 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05063986 Version: 2 HPSBGN03564 r [ more ] [ reply ] [security bulletin] HPSBUX03632 SSRT110194 rev.1 - HP-UX Mail Server running Sendmail, Local Unauthorized Disclosure of Information 2016-08-01 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c05216368 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05216368 Version: 1 HPSBUX03632 S [ more ] [ reply ] [CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c 2016-08-01 wpengfeinudt gmail com I found this double-fetch vulnerability when I was doing my research on double-fetch issue analysis, and I?d like to make an announcement here. This was found in Linux kernel file Linux-4.5/drivers/scsi/aacraid/commctrl.c, and crafted user space data change under race condition will lead to over-b [ more ] [ reply ] Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin 2016-08-01 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016 --------------------------------------------------------- [ more ] [ reply ] Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) 2016-08-01 David Coomber (davidcoomber infosec gmail com) Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) -- http://www.info-sec.ca/advisories/Kaspersky-Safe-Browser.html Overview "Stay safe from malicious links, suspicious content and identity theft while you surfing the Internet." "Our Safe Browser covers th [ more ] [ reply ] Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability 2016-08-01 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1891 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID (VL-ID): ========================== [ more ] [ reply ] Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability 2016-08-01 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1687 Fortinet PSIRT ID: 1624561 Release Notes #1: http://docs.fortinet.com/uploaded/files/ [ more ] [ reply ] Cross-Site Scripting in Contact Bank WordPress Plugin 2016-08-01 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting in Contact Bank WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016 ------------------------------------------------------------------------ A [ more ] [ reply ] SQL injection vulnerability in Booking Calendar WordPress Plugin 2016-08-01 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ SQL injection vulnerability in Booking Calendar WordPress Plugin ------------------------------------------------------------------------ Edwin Molenaar, July 2016 -------------------------------------------------------------- [ more ] [ reply ] Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin 2016-08-01 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin ------------------------------------------------------------------------ Edwin Molenaar, July 2016 ------------------------------------------------------- [ more ] [ reply ] [SECURITY] [DSA 3637-1] chromium-browser security update 2016-07-31 Michael Gilbert (mgilbert debian org) Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA 2016-07-31 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA ------------------------------------------------------------------------ Sipke Mellema, July 2016 --------------------------------------------- [ more ] [ reply ] Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin 2016-07-31 Summer of Pwnage (lists securify nl) ------------------------------------------------------------------------ Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin ------------------------------------------------------------------------ Bente Schopman, July 2016 ----------------------------------------------- [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05219560
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05219560
Version: 1
HPSBGN03633 r
[ more ] [ reply ]