BugTraq Mode:
(Page 7 of 524)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
CISTI'2018 -- Doctoral Symposium -- Call for contributions 2017-12-08
ML (marialemos72 gmail com)
------------------------------------------------------------------
Doctoral Symposium of CISTI'2018
13th Iberian Conference on Information Systems and Technologies
13 - 16 June 2018, Caceres, Spain
http://www.cisti.eu/
------------------------------------------------------------------------
---

The

[ more ]  [ reply ]
Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2017-12-08
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/12/08

LibRaw Multiple Denial of Service Vulnerabilities

=====================================================================

[ more ]  [ reply ]
[SECURITY] [DSA 4058-1] optipng security update 2017-12-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4058-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 08, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4057-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 08, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4056-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
December 07, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4052-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 29, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4051-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
November 29, 2017

[ more ]  [ reply ]
Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/MXEGO .

CVE ID: CVE-2017-14585.

Products: Hipchat Data Center, Hipchat Server

Affected Hipchat Data Center product versions: 3.0.0 <= version < 3.1.0
Affected Hipchat S

[ more ]  [ reply ]
Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29
Matthew Hart (mhart atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at
https://confluence.atlassian.com/x/NXEGO .

CVE ID:

* CVE-2017-14586.

Product: Hipchat for Mac desktop client.

Affected Hipchat for Mac desktop client product versions:

4.0 <= version < 4.30

Fixed Hip

[ more ]  [ reply ]
[SECURITY] [DSA 4050-1] xen security update 2017-11-28
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4050-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 28, 2017

[ more ]  [ reply ]
Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23
Vulnerability Lab (research vulnerability-lab com)
Title: Edward Snowden free speech at JBFone - Data Security & Privacy

Article:
https://www.vulnerability-db.com/?q=articles%2F2017%2F11%2F23%2Fedward-s
nowden-free-speech-jbfone-data-security-privacy

Video: https://www.youtube.com/watch?v=JF45xq0W15c

Press:
https://www.heise.de/newsticker/meldung/

[ more ]  [ reply ]
[SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4046-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
November 22, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4045-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 21, 2017

[ more ]  [ reply ]
CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: MyTy
# Vendor: Finlane GmbH
# CSNC ID: CSNC-2017-029
# CVE ID: -
# Su

[ more ]  [ reply ]
[security bulletin] HPESBHF03798 rev.1 - HPE Proliant Gen10 Servers, DL20 Gen9, ML30 Gen9 and Certain Apollo Servers Using Intel Server Platform Service (SPS) v4.0, Local Denial of Service and Execution of Arbitrary Code 2017-11-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03798en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03798en_us

Version: 1

HP

[ more ]  [ reply ]
Secunia Research: Oracle Outside In Denial of Service Vulnerability 2017-11-21
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2017/10/21

Oracle Outside In Denial of Service Vulnerability

======================================================================

Table of Contents

Affected Software.

[ more ]  [ reply ]
[SECURITY] [DSA 4044-1] swauth security update 2017-11-21
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4044-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
November 21, 2017

[ more ]  [ reply ]
CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS) 2017-11-21
Advisories (advisories compass-security com)
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: MyTy
# Vendor: Finlane GmbH
# CSNC ID: CSNC-2017-030
# CVE ID: -
# Su

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat [REVISED] 2017-11-21
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:10.kldstat Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[CVE-2017-15044] DocuWare FullText Search - Incorrect Access Control vulnerability 2017-11-20
Graham Leggett (minfrin sharp fm)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2017-15044: DocuWare FullText Search - Incorrect Access Control vulnerability

Severity: High

- ------------------------------------------

Vendor:

DocuWare Europe GmbH
Therese-Giehse-Platz 2 82110 Germering Germany

- ------------------------

[ more ]  [ reply ]
[security bulletin] HPESBMU03794 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu
03794en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbmu03794en_us

Version: 1

HP

[ more ]  [ reply ]
[security bulletin] HPESBMU03795 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu
03795en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbmu03795en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 4037-1] jackson-databind security update 2017-11-16
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4037-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
November 16, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4039-1] opensaml2 security update 2017-11-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4039-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 16, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03705 rev.4 - HPE Integrated Lights-Out 4, 3, 2 and Moonshot Remote Console Administrator (iLO 4 and MRCA) Remote Disclosure of Information 2017-11-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-HPESBHF
03705en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: HPESBHF03705en_us

Version: 4

HP

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat 2017-11-15
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:10.kldstat Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:09.shm 2017-11-15
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:09.shm Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:08.ptrace 2017-11-15
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:08.ptrace Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[SECURITY] [DSA 4036-1] mediawiki security update 2017-11-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4036-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 15, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4035-1] firefox-esr security update 2017-11-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4035-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 15, 2017

[ more ]  [ reply ]
Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 26 2017-11-15
Maria Lemos (marialemos72 gmail com)

* Proceedings by Springer

** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals

------------------------------------------------------------------------
---------------------------
WorldCist'18 - 6th World Conference on Information Systems and Technologies

[ more ]  [ reply ]
CA20171114-01: Security Notice for CA Identity Governance 2017-11-14
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20171114-01: Security Notice for CA Identity Governance

Issued: November 14, 2017
Last Updated: November 14, 2017

CA Technologies support is alerting customers to a potential risk
with CA Identity Governance. A vulnerability exists that can
potent

[ more ]  [ reply ]
[SECURITY] [DSA 4033-1] konversation security update 2017-11-13
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4033-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 13, 2017

[ more ]  [ reply ]
[CVE-2017-15288] A privilege escalation vulnerability in the Scala compilation daemon 2017-11-13
jason zaugg lightbend com
A privilege escalation vulnerability has been identified in the Scala compilation daemon.

The compile daemon is started explicitly by the `fsc` command, or implicitly by executing
a Scala source file as a script (e.g `scala MyScript.scala`). Note: Using the `scala`
command to start a REPL or to run

[ more ]  [ reply ]
Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 (hyp3rlinx) 2017-11-13
apparitionsec gmail com
[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-6331-SYMANTEC-ENDPOI
NT-PROTECTION-TAMPER-PROTECTION-BYPASS.txt
[+] ISR: ApparitionSec

Vendor:
=======
www.symantec.com

Product:
==========

[ more ]  [ reply ]
[SECURITY] [DSA 4032-1] imagemagick security update 2017-11-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4032-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 12, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4031-1] ruby2.3 security update 2017-11-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4031-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 11, 2017

[ more ]  [ reply ]
Bypassable authentication in SingTel / Aztech DSL8900GR(AC) router 2017-11-11
cort accelerateworkshop com
Credit: Cort
Date: 5 Aug 2017
CVE: Not assigned
Vendor: Aztech (https://www.aztech.com) / SingTel (https://www.singtel.com/)
Product: Aztech DSL8900GR(AC) router
Versions Affected: firmware 340.6.1-007 (latest available as of 9 Nov 2017)
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

[ more ]  [ reply ]
[SECURITY] [DSA 4006-2] mupdf security update 2017-11-10
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4006-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/
November 10, 2017

[ more ]  [ reply ]
Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server 2017-11-10
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

X41 D-Sec GmbH Security Advisory: X41-2017-006

Multiple Vulnerabilities in PSFTPd Windows FTP Server
=====================================================

Overview
--------
Confirmed Affected Versions: 10.0.4 Build 729
Confirmed Patched Versions: None
Vendor: Sergei Pleis Softwareentwicklung
Vend

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2017-0009 2017-11-10
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------

Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Adviso

[ more ]  [ reply ]
[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice 2017-11-09
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: XML External Entity Expansion in Ladon Webservice

Attackers who can send SOAP messages to a Ladon webservice via the HTTP
interface of the Ladon webservice can exploit an XML external entity expansion
vulnerability and read local files, forge server side requests or overload the
service w

[ more ]  [ reply ]
[SECURITY] [DSA 4029-1] postgresql-common security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4029-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4028-1] postgresql-9.6 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4028-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4027-1] postgresql-9.4 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4027-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4026-1] bchunk security update 2017-11-09
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4026-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
November 09, 2017

[ more ]  [ reply ]
Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674] 2017-11-09
brainn gmail com
Credits
=======
Brian Vincent, Michael Brumlow

Software
========
Datto Windows Agent

Vulnerability Details
=====================
Discovered: Aug 25, 2017
Type: Remote code execution as LocalSystem
Severity: Critical

Description
===========

CVE-2017-16673
Software: Datto Backup Agent for Windows,

[ more ]  [ reply ]
AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2017-009

Product Asterisk
Summary Buffer overflow in pjproject header parsing can
cause crash in Asterisk

[ more ]  [ reply ]
AST-2017-010: Buffer overflow in CDR's set user 2017-11-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2017-010

Product Asterisk
Summary Buffer overflow in CDR's set user
Nature of Advisory Buffer Overflow

[ more ]  [ reply ]
AST-2017-011: Memory leak in pjsip session resource 2017-11-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2017-011

Product Asterisk
Summary Memory leak in pjsip session resource
Nature of Advisory Memory leak

[ more ]  [ reply ]
[SECURITY] [DSA 4025-1] libpam4j security update 2017-11-08
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4025-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 08, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4021-1] otrs2 security update 2017-11-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4021-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4020-1] chromium-browser security update 2017-11-07
Michael Gilbert (mgilbert debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4020-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Michael Gilbert
November 05, 2017

[ more ]  [ reply ]
CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06
Advisories (advisories compass-security com)
##################################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/en/research/advisories/
#
##################################################################
#
# Product: iText PDF Library
# Vendor: iText Group
# CVE ID: CVE-2017-909

[ more ]  [ reply ]
Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05
ML (marialemos72 gmail com)

* Proceedings by Springer

** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals

------------------------------------------------------------------------
---------------------------
WorldCist'18 - 6th World Conference on Information Systems and Technologies

[ more ]  [ reply ]
Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec) 2017-11-05
apparitionsec gmail com
[+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3430
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/WEBMIN-v1.850-REMOTE-COMMAND-
EXECUTION.txt
[+] ISR: ApparitionSec

Vulner

[ more ]  [ reply ]
[SECURITY] [DSA 4019-1] imagemagick security update 2017-11-05
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4019-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 05, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4016-1] irssi security update 2017-11-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4016-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 03, 2017

[ more ]  [ reply ]
KL-001-2017-022 : Splunk Local Privilege Escalation 2017-11-03
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-022 : Splunk Local Privilege Escalation

Title: Splunk Local Privilege Escalation
Advisory ID: KL-001-2017-022
Publication Date: 2017.11.03
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt

1. Vulnerability Details

Affected Vendor: Splunk
Af

[ more ]  [ reply ]
[SECURITY] [DSA 4015-1] openjdk-8 security update 2017-11-02
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4015-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 02, 2017

[ more ]  [ reply ]
APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows

iTunes 12.7.1 for Windows is now available and addresses the
following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution

[ more ]  [ reply ]
APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-11
Additional information for APPLE-SA-2017-09-20-3 tvOS 11

tvOS 11 addresses the following:

802.1X
Available for: Apple TV (4th generation)
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protocol

[ more ]  [ reply ]
APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1,
Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan

macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security
Update 2017-004 El Capitan are now available and address the
fo

[ more ]  [ reply ]
APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-12
Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4

macOS Server 5.4 addresses the following:

FreeRadius
Available for: macOS High Sierra 10.13
Impact: Multiple issues in FreeRADIUS
Description: Multiple issues

[ more ]  [ reply ]
APPLE-SA-2017-10-31-3 tvOS 11.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-3 tvOS 11.1

tvOS 11.1 is now available and addresses the following:

CoreText
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termin

[ more ]  [ reply ]
APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-10
Additional information for APPLE-SA-2017-09-20-2 watchOS 4

watchOS 4 addresses the following:

802.1X
Available for: All Apple Watch models
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protoco

[ more ]  [ reply ]
APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-7 iCloud for Windows 7.1

iCloud for Windows 7.1 is now available and addresses the following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Descr

[ more ]  [ reply ]
APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-9
Additional information for APPLE-SA-2017-09-19-1 iOS 11

iOS 11 addresses the following:

802.1X
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit wea

[ more ]  [ reply ]
APPLE-SA-2017-10-31-4 watchOS 4.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-4 watchOS 4.1

watchOS 4.1 is now available and addresses the following:

CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted text file may lead to an
unexpected application termination
Descripti

[ more ]  [ reply ]
[security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities 2017-10-30
HPE Product Security Response Team (security-alert hpe com)
-----Original Message-----

From: security-alert (at) hpe (dot) com [email concealed] [mailto:security-alert (at) hpe (dot) com [email concealed]]

Sent: Tuesday, October 17, 2017 3:27 PM

Subject: [security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----

Hash

[ more ]  [ reply ]
[SECURITY] [DSA 4009-1] shadowsocks-libev security update 2017-10-29
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4009-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 29, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4012-1] libav security update 2017-10-30
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4012-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 31, 2017

[ more ]  [ reply ]
[slackware-security] wget (SSA:2017-300-02) 2017-10-27
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] wget (SSA:2017-300-02)

New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
[security bulletin] HPESBHF03787 rev.1 - Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, Deserialization of Untrusted Data, Remote Code Execution 2017-10-27
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03787en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03787en_us

Version: 1

HP

[ more ]  [ reply ]
[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27
e-matters Security (security e-matters de)
e-matters GmbH
www.e-matters.de

-= Security Advisory =-

Advisory: Remote Compromise/DOS Vulnerability in PHP
Release Date: 2002/07/22
Last Modified: 2002/07/22
Author: Stefan Esser [s.esser (at) e-matters (dot) de [email concealed]]

[ more ]  [ reply ]
Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26
VSR Advisories (advisories vsecurity com)

                   Virtual Security Research, LLC.
                      https://www.vsecurity.com/
                          Security Advisory

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=

Advisory

[ more ]  [ reply ]
October 2017 - Bamboo - Critical Security Advisory 2017-10-26
Atlassian (security atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/EZ-1Nw .

CVE ID:

* CVE-2017-9514.

Product: Bamboo.

Affected Bamboo product versions:

6.0.0 <= version < 6.0.5
6.1.0 <= version < 6.1.4
6.2.0 <= version < 6.2.1

Fixe

[ more ]  [ reply ]
KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions

Title: Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions
Advisory ID: KL-001-2017-020
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advis

[ more ]  [ reply ]
KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation

Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation
Advisory ID: KL-001-2017-017
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-01

[ more ]  [ reply ]
[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4006-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/
October 24, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03779en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03779en_us

Version: 1

[ more ]  [ reply ]
[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4003-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
October 19, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4002-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
October 19, 2017

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-17:07.wpa Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
[slackware-security] xorg-server (SSA:2017-291-03) 2017-10-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] xorg-server (SSA:2017-291-03)

New xorg-server packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patc

[ more ]  [ reply ]
[slackware-security] wpa_supplicant (SSA:2017-291-02) 2017-10-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] wpa_supplicant (SSA:2017-291-02)

New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
[slackware-security] libXres (SSA:2017-291-01) 2017-10-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libXres (SSA:2017-291-01)

New libXres packages are available for Slackware 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/

[ more ]  [ reply ]
WebKitGTK+ Security Advisory WSA-2017-0008 2017-10-18
Carlos Alberto Lopez Perez (clopez igalia com)
------------------------------------------------------------------------

WebKitGTK+ Security Advisory WSA-2017-0008
------------------------------------------------------------------------

Date reported : October 18, 2017
Advisory ID : WSA-2017-0008
Advisor

[ more ]  [ reply ]
SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products 2017-10-18
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20171018-1 >
=======================================================================
title: Multiple vulnerabilities
product: Linksys E series, see "Vulnerable / tested versions"
vulnerable version: see "Vulnerable / tested

[ more ]  [ reply ]
[security bulletin] HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data 2017-10-17
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03789en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03789en_us

Version: 2

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3999-1] wpa security update 2017-10-16
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3999-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
October 16, 2017

[ more ]  [ reply ]
SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20171016-0 >
=======================================================================
title: Multiple vulnerabilities
product: Micro Focus VisiBroker C++
vulnerable version: 8.5 SP2
fixed version: 8.5 SP4 HF3

[ more ]  [ reply ]
[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13
swpmb cyber-psrt microfocus com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://softwaresupport.hpe.com/km/KM02987868

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM02987868

Version: 1

MFSBGN03786 rev.1 - HPE Connected Backup, Loca

[ more ]  [ reply ]
Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

X41 D-Sec GmbH Security Advisory: X41-2017-010

Command Execution in Shadowsocks-libev
======================================

Overview
--------
Severity Rating: High
Confirmed Affected Versions: 3.1.0
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsocks/sh

[ more ]  [ reply ]
Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

X41 D-Sec GmbH Security Advisory: X41-2017-008

Multiple Vulnerabilities in Shadowsocks
=======================================

Overview
--------
Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsoc

[ more ]  [ reply ]
[RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 "/ossim/report/wizard_email.php" Cross-Site Request Forgery leading to Sensitive Information Disclosure 2017-10-13
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AlienVault USM
Vendor URL: https://www.alienvault.com
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2017-09-22
Date published: 2017-10-13
CVSSv3 Score: 6.5

[ more ]  [ reply ]
Multiple vulnerabilities in OpenText Documentum Content Server 2017-10-13
Andrey B. Panfilov (andrew panfilov tel)
CVE Identifier: CVE-2017-15012
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
Description:

Opentext Documentum Content Server (formerly known as EMC

[ more ]  [ reply ]
[SECURITY] [DSA 3995-1] libxfont security update 2017-10-10
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3995-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 10, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3994-1] nautilus security update 2017-10-08
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3994-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
October 07, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3993-1] tor security update 2017-10-06
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3993-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
October 06, 2017

[ more ]  [ reply ]
(Page 7 of 524)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus