Colapse all |
Post message
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2017-12-08 Secunia Research (remove-vuln secunia com) Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/MXEGO . CVE ID: CVE-2017-14585. Products: Hipchat Data Center, Hipchat Server Affected Hipchat Data Center product versions: 3.0.0 <= version < 3.1.0 Affected Hipchat S [ more ] [ reply ] Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/NXEGO . CVE ID: * CVE-2017-14586. Product: Hipchat for Mac desktop client. Affected Hipchat for Mac desktop client product versions: 4.0 <= version < 4.30 Fixed Hip [ more ] [ reply ] Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23 Vulnerability Lab (research vulnerability-lab com) Title: Edward Snowden free speech at JBFone - Data Security & Privacy Article: https://www.vulnerability-db.com/?q=articles%2F2017%2F11%2F23%2Fedward-s nowden-free-speech-jbfone-data-security-privacy Video: https://www.youtube.com/watch?v=JF45xq0W15c Press: https://www.heise.de/newsticker/meldung/ [ more ] [ reply ] [SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22 Sebastien Delafond (seb debian org) CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21 Advisories (advisories compass-security com) ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: MyTy # Vendor: Finlane GmbH # CSNC ID: CSNC-2017-029 # CVE ID: - # Su [ more ] [ reply ] [security bulletin] HPESBHF03798 rev.1 - HPE Proliant Gen10 Servers, DL20 Gen9, ML30 Gen9 and Certain Apollo Servers Using Intel Server Platform Service (SPS) v4.0, Local Denial of Service and Execution of Arbitrary Code 2017-11-21 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03798en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03798en_us Version: 1 HP [ more ] [ reply ] Secunia Research: Oracle Outside In Denial of Service Vulnerability 2017-11-21 Secunia Research (remove-vuln secunia com) CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS) 2017-11-21 Advisories (advisories compass-security com) ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: MyTy # Vendor: Finlane GmbH # CSNC ID: CSNC-2017-030 # CVE ID: - # Su [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat [REVISED] 2017-11-21 FreeBSD Security Advisories (security-advisories freebsd org) [CVE-2017-15044] DocuWare FullText Search - Incorrect Access Control vulnerability 2017-11-20 Graham Leggett (minfrin sharp fm) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2017-15044: DocuWare FullText Search - Incorrect Access Control vulnerability Severity: High - ------------------------------------------ Vendor: DocuWare Europe GmbH Therese-Giehse-Platz 2 82110 Germering Germany - ------------------------ [ more ] [ reply ] [security bulletin] HPESBMU03794 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities 2017-11-16 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu 03794en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbmu03794en_us Version: 1 HP [ more ] [ reply ] [security bulletin] HPESBMU03795 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-11-16 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu 03795en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbmu03795en_us Version: 1 HP [ more ] [ reply ] [SECURITY] [DSA 4037-1] jackson-databind security update 2017-11-16 Sebastien Delafond (seb debian org) [SECURITY] [DSA 4039-1] opensaml2 security update 2017-11-16 Salvatore Bonaccorso (carnil debian org) [security bulletin] HPESBHF03705 rev.4 - HPE Integrated Lights-Out 4, 3, 2 and Moonshot Remote Console Administrator (iLO 4 and MRCA) Remote Disclosure of Information 2017-11-15 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-HPESBHF 03705en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: HPESBHF03705en_us Version: 4 HP [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat 2017-11-15 FreeBSD Security Advisories (security-advisories freebsd org) FreeBSD Security Advisory FreeBSD-SA-17:09.shm 2017-11-15 FreeBSD Security Advisories (security-advisories freebsd org) FreeBSD Security Advisory FreeBSD-SA-17:08.ptrace 2017-11-15 FreeBSD Security Advisories (security-advisories freebsd org) Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 26 2017-11-15 Maria Lemos (marialemos72 gmail com) * Proceedings by Springer ** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals ------------------------------------------------------------------------ --------------------------- WorldCist'18 - 6th World Conference on Information Systems and Technologies [ more ] [ reply ] CA20171114-01: Security Notice for CA Identity Governance 2017-11-14 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CA20171114-01: Security Notice for CA Identity Governance Issued: November 14, 2017 Last Updated: November 14, 2017 CA Technologies support is alerting customers to a potential risk with CA Identity Governance. A vulnerability exists that can potent [ more ] [ reply ] [SECURITY] [DSA 4033-1] konversation security update 2017-11-13 Salvatore Bonaccorso (carnil debian org) [CVE-2017-15288] A privilege escalation vulnerability in the Scala compilation daemon 2017-11-13 jason zaugg lightbend com A privilege escalation vulnerability has been identified in the Scala compilation daemon. The compile daemon is started explicitly by the `fsc` command, or implicitly by executing a Scala source file as a script (e.g `scala MyScript.scala`). Note: Using the `scala` command to start a REPL or to run [ more ] [ reply ] Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 (hyp3rlinx) 2017-11-13 apparitionsec gmail com Bypassable authentication in SingTel / Aztech DSL8900GR(AC) router 2017-11-11 cort accelerateworkshop com Credit: Cort Date: 5 Aug 2017 CVE: Not assigned Vendor: Aztech (https://www.aztech.com) / SingTel (https://www.singtel.com/) Product: Aztech DSL8900GR(AC) router Versions Affected: firmware 340.6.1-007 (latest available as of 9 Nov 2017) CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) [ more ] [ reply ] Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server 2017-11-10 X41 D-Sec GmbH Advisories (advisories x41-dsec de) X41 D-Sec GmbH Security Advisory: X41-2017-006 Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729 Confirmed Patched Versions: None Vendor: Sergei Pleis Softwareentwicklung Vend [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2017-0009 2017-11-10 Carlos Alberto Lopez Perez (clopez igalia com) [RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice 2017-11-09 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: XML External Entity Expansion in Ladon Webservice Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and read local files, forge server side requests or overload the service w [ more ] [ reply ] [SECURITY] [DSA 4029-1] postgresql-common security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) [SECURITY] [DSA 4028-1] postgresql-9.6 security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) [SECURITY] [DSA 4027-1] postgresql-9.4 security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674] 2017-11-09 brainn gmail com Credits ======= Brian Vincent, Michael Brumlow Software ======== Datto Windows Agent Vulnerability Details ===================== Discovered: Aug 25, 2017 Type: Remote code execution as LocalSystem Severity: Critical Description =========== CVE-2017-16673 Software: Datto Backup Agent for Windows, [ more ] [ reply ] AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-08 Asterisk Security Team (security asterisk org) AST-2017-010: Buffer overflow in CDR's set user 2017-11-08 Asterisk Security Team (security asterisk org) AST-2017-011: Memory leak in pjsip session resource 2017-11-08 Asterisk Security Team (security asterisk org) [SECURITY] [DSA 4020-1] chromium-browser security update 2017-11-07 Michael Gilbert (mgilbert debian org) CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06 Advisories (advisories compass-security com) ################################################################## # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/en/research/advisories/ # ################################################################## # # Product: iText PDF Library # Vendor: iText Group # CVE ID: CVE-2017-909 [ more ] [ reply ] Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05 ML (marialemos72 gmail com) * Proceedings by Springer ** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals ------------------------------------------------------------------------ --------------------------- WorldCist'18 - 6th World Conference on Information Systems and Technologies [ more ] [ reply ] Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec) 2017-11-05 apparitionsec gmail com [+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3430 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WEBMIN-v1.850-REMOTE-COMMAND- EXECUTION.txt [+] ISR: ApparitionSec Vulner [ more ] [ reply ] KL-001-2017-022 : Splunk Local Privilege Escalation 2017-11-03 KoreLogic Disclosures (disclosures korelogic com) KL-001-2017-022 : Splunk Local Privilege Escalation Title: Splunk Local Privilege Escalation Advisory ID: KL-001-2017-022 Publication Date: 2017.11.03 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt 1. Vulnerability Details Affected Vendor: Splunk Af [ more ] [ reply ] APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows iTunes 12.7.1 for Windows is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution [ more ] [ reply ] APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 tvOS 11 addresses the following: 802.1X Available for: Apple TV (4th generation) Impact: An attacker may be able to exploit weaknesses in TLS 1.0 Description: A protocol [ more ] [ reply ] APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan are now available and address the fo [ more ] [ reply ] APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 macOS Server 5.4 addresses the following: FreeRadius Available for: macOS High Sierra 10.13 Impact: Multiple issues in FreeRADIUS Description: Multiple issues [ more ] [ reply ] APPLE-SA-2017-10-31-3 tvOS 11.1 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-3 tvOS 11.1 tvOS 11.1 is now available and addresses the following: CoreText Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted text file may lead to an unexpected application termin [ more ] [ reply ] APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 watchOS 4 addresses the following: 802.1X Available for: All Apple Watch models Impact: An attacker may be able to exploit weaknesses in TLS 1.0 Description: A protoco [ more ] [ reply ] APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 iCloud for Windows 7.1 is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Descr [ more ] [ reply ] APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 iOS 11 addresses the following: 802.1X Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exploit wea [ more ] [ reply ] APPLE-SA-2017-10-31-4 watchOS 4.1 2017-10-31 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-4 watchOS 4.1 watchOS 4.1 is now available and addresses the following: CoreText Available for: All Apple Watch models Impact: Processing a maliciously crafted text file may lead to an unexpected application termination Descripti [ more ] [ reply ] [security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities 2017-10-30 HPE Product Security Response Team (security-alert hpe com) -----Original Message----- From: security-alert (at) hpe (dot) com [email concealed] [mailto:security-alert (at) hpe (dot) com [email concealed]] Sent: Tuesday, October 17, 2017 3:27 PM Subject: [security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash [ more ] [ reply ] [SECURITY] [DSA 4009-1] shadowsocks-libev security update 2017-10-29 Moritz Muehlenhoff (jmm debian org) [slackware-security] wget (SSA:2017-300-02) 2017-10-27 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] wget (SSA:2017-300-02) New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ [ more ] [ reply ] [security bulletin] HPESBHF03787 rev.1 - Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution 2017-10-27 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03787en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03787en_us Version: 1 HP [ more ] [ reply ] [VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27 e-matters Security (security e-matters de) Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26 VSR Advisories (advisories vsecurity com) Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Virtual Security Research, LLC. Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â https://www.vsecurity.com/ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Security Advisory =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-= Advisory [ more ] [ reply ] October 2017 - Bamboo - Critical Security Advisory 2017-10-26 Atlassian (security atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This email refers to the advisory found at https://confluence.atlassian.com/x/EZ-1Nw . CVE ID: * CVE-2017-9514. Product: Bamboo. Affected Bamboo product versions: 6.0.0 <= version < 6.0.5 6.1.0 <= version < 6.1.4 6.2.0 <= version < 6.2.1 Fixe [ more ] [ reply ] KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24 KoreLogic Disclosures (disclosures korelogic com) KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions Title: Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions Advisory ID: KL-001-2017-020 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advis [ more ] [ reply ] KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24 KoreLogic Disclosures (disclosures korelogic com) KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation Advisory ID: KL-001-2017-017 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-01 [ more ] [ reply ] [security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23 HPE Product Security Response Team (security-alert hpe com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03779en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03779en_us Version: 1 [ more ] [ reply ] [SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19 Salvatore Bonaccorso (carnil debian org) FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19 FreeBSD Security Advisories (security-advisories freebsd org) [slackware-security] xorg-server (SSA:2017-291-03) 2017-10-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] xorg-server (SSA:2017-291-03) New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patc [ more ] [ reply ] [slackware-security] wpa_supplicant (SSA:2017-291-02) 2017-10-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] wpa_supplicant (SSA:2017-291-02) New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +-------------------------- [ more ] [ reply ] [slackware-security] libXres (SSA:2017-291-01) 2017-10-18 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libXres (SSA:2017-291-01) New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2017-0008 2017-10-18 Carlos Alberto Lopez Perez (clopez igalia com) SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products 2017-10-18 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data 2017-10-17 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03789en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03789en_us Version: 2 HP [ more ] [ reply ] SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16 SEC Consult Vulnerability Lab (research sec-consult com) [security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13 swpmb cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/km/KM02987868 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM02987868 Version: 1 MFSBGN03786 rev.1 - HPE Connected Backup, Loca [ more ] [ reply ] Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13 X41 D-Sec GmbH Advisories (advisories x41-dsec de) X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL: https://github.com/shadowsocks/sh [ more ] [ reply ] Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13 X41 D-Sec GmbH Advisories (advisories x41-dsec de) X41 D-Sec GmbH Security Advisory: X41-2017-008 Multiple Vulnerabilities in Shadowsocks ======================================= Overview -------- Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL: https://github.com/shadowsoc [ more ] [ reply ] [RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 "/ossim/report/wizard_email.php" Cross-Site Request Forgery leading to Sensitive Information Disclosure 2017-10-13 Julien Ahrens (info rcesecurity com) Multiple vulnerabilities in OpenText Documentum Content Server 2017-10-13 Andrey B. Panfilov (andrew panfilov tel) CVE Identifier: CVE-2017-15012 Vendor: OpenText Affected products: OpenText Documentum Content Server (all versions) Researcher: Andrey B. Panfilov CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Fix: not available Description: Opentext Documentum Content Server (formerly known as EMC [ more ] [ reply ] |
Privacy Statement |
Doctoral Symposium of CISTI'2018
13th Iberian Conference on Information Systems and Technologies
13 - 16 June 2018, Caceres, Spain
http://www.cisti.eu/
------------------------------------------------------------------------
---
The
[ more ] [ reply ]