BugTraq Mode:
(Page 12 of 1738)  < Prev  7 8 9 10 11 12 13 14 15 16 17  Next >
Intel CPU bug forcing page table switch during syscalls? 2018-01-03
Pavel Machek (pavel ucw cz)
Hi!

It looks like there's Intel CPU bug, allowing prefetch from kernel
memory. It seems to be reason KASLR patches are pushed so fast to Linux.

https://mobile.twitter.com/brainsmoke/status/948561799875502080/photo/1
https://forums.freebsd.org/threads/63955/page-2#post-371276

Hmm.

Does that mean

[ more ]  [ reply ]
[security bulletin] HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code 2018-01-03
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03803en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03803en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] MFSBGN03793 rev.2 - Project and Portfolio Management Center, Multiple vulnerabilities 2018-01-03
cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM030144
26

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03014426

Version: 2

MFSBGN03793 rev.2

[ more ]  [ reply ]
CVE-2017-6094 - Genexis GAPS Access Control Vulnerability 2018-01-03
Antoine Neuenschwander (antoine schoggi org)
########################################################################
########
# #
# CVE-2017-6094 - Genexis GAPS Access Control Vulnerability #
#

[ more ]  [ reply ]
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution 2018-01-02
Anti Räis (antirais gmail com)
b2evolution CMS 6.6.0 - 6.8.10 PHP code execution
#################################################

Information
===========

Name: b2evolution CMS 6.8.10
Software: b2evolution CMS
Homepage: http://b2evolution.net/
Vulnerability: PHP code execution
Prerequisites: publicly accessib

[ more ]  [ reply ]
Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590 2018-01-03
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/6FcGO .

CVE ID:

* CVE-2017-14589.
* CVE-2017-14590.

Product: Bamboo.

Affected Bamboo product versions:

version < 6.1.6
6.2.0 <= version < 6.2.5

Fixed Bamboo product

[ more ]  [ reply ]
APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-13-1 iOS 11.2.1

iOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to unexpectedly alter
appli

[ more ]  [ reply ]
APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-13-2 tvOS 11.2.1

tvOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: A

[ more ]  [ reply ]
AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2017-012

Product Asterisk
Summary Remote Crash Vulnerability in RTCP Stack
Nature of Advisory Denial of Service

[ more ]  [ reply ]
APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-13-7 Additional information for
APPLE-SA-2017-12-6-4 tvOS 11.2

tvOS 11.2 addresses the following:

IOSurface
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
k

[ more ]  [ reply ]
ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524 2017-12-14
tim kretschmann pallas com
1. ADVISORY SUMMARY

Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data

Risk: high

Application: Kemp Load Balancers - Module Application Firewall Pack (AFP)
Versions Affected: 7.1.30 (Nov 2015) to 7.2.40 (Oct 2017) // Older

[ more ]  [ reply ]
APPLE-SA-2017-12-13-5 Safari 11.0.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-12-13-5 Safari 11.0.2

Safari 11.0.2 addresses the following:

WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.2
Impact: Processing maliciously crafted web content may lead to
arbitrary co

[ more ]  [ reply ]
[SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4064-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
December 12, 2017

[ more ]  [ reply ]
Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/qVcGO and
https://confluence.atlassian.com/x/plcGO .

CVE ID:

* CVE-2017-14591.

Product: Fisheye and Crucible.

Affected Fisheye and Crucible product versions:

version

[ more ]  [ reply ]
[SECURITY] [DSA 4062-1] firefox-esr security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4062-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 10, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4060-1] wireshark security update 2017-12-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4060-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4061-1] thunderbird security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4061-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 10, 2017

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2017-342-01) 2017-12-09
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2017-342-01)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:12.openssl 2017-12-09
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:12.openssl Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SECURITY] [DSA 4059-1] libxcursor security update 2017-12-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4059-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 08, 2017

[ more ]  [ reply ]
CISTI'2018 -- Doctoral Symposium -- Call for contributions 2017-12-08
ML (marialemos72 gmail com)
------------------------------------------------------------------
Doctoral Symposium of CISTI'2018
13th Iberian Conference on Information Systems and Technologies
13 - 16 June 2018, Caceres, Spain
http://www.cisti.eu/
------------------------------------------------------------------------
---

The

[ more ]  [ reply ]
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2017-12-08
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/12/08

LibRaw Multiple Denial of Service Vulnerabilities

=====================================================================

[ more ]  [ reply ]
[SECURITY] [DSA 4058-1] optipng security update 2017-12-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4058-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 08, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4057-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 08, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4056-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 07, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4052-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 29, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4051-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
November 29, 2017

[ more ]  [ reply ]
Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/MXEGO .

CVE ID: CVE-2017-14585.

Products: Hipchat Data Center, Hipchat Server

Affected Hipchat Data Center product versions: 3.0.0 <= version < 3.1.0
Affected Hipchat S

[ more ]  [ reply ]
Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/NXEGO .

CVE ID:

* CVE-2017-14586.

Product: Hipchat for Mac desktop client.

Affected Hipchat for Mac desktop client product versions:

4.0 <= version < 4.30

Fixed Hip

[ more ]  [ reply ]
[SECURITY] [DSA 4050-1] xen security update 2017-11-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4050-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 28, 2017

[ more ]  [ reply ]
(Page 12 of 1738)  < Prev  7 8 9 10 11 12 13 14 15 16 17  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus