|
|
Colapse all |
Post message
Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 26 2017-11-15 Maria Lemos (marialemos72 gmail com) CA20171114-01: Security Notice for CA Identity Governance 2017-11-14 Kotas, Kevin J (Kevin Kotas ca com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CA20171114-01: Security Notice for CA Identity Governance Issued: November 14, 2017 Last Updated: November 14, 2017 CA Technologies support is alerting customers to a potential risk with CA Identity Governance. A vulnerability exists that can potent [ more ] [ reply ] [SECURITY] [DSA 4033-1] konversation security update 2017-11-13 Salvatore Bonaccorso (carnil debian org) [CVE-2017-15288] A privilege escalation vulnerability in the Scala compilation daemon 2017-11-13 jason zaugg lightbend com A privilege escalation vulnerability has been identified in the Scala compilation daemon. The compile daemon is started explicitly by the `fsc` command, or implicitly by executing a Scala source file as a script (e.g `scala MyScript.scala`). Note: Using the `scala` command to start a REPL or to run [ more ] [ reply ] Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 (hyp3rlinx) 2017-11-13 apparitionsec gmail com Bypassable authentication in SingTel / Aztech DSL8900GR(AC) router 2017-11-11 cort accelerateworkshop com Credit: Cort Date: 5 Aug 2017 CVE: Not assigned Vendor: Aztech (https://www.aztech.com) / SingTel (https://www.singtel.com/) Product: Aztech DSL8900GR(AC) router Versions Affected: firmware 340.6.1-007 (latest available as of 9 Nov 2017) CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) [ more ] [ reply ] Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server 2017-11-10 X41 D-Sec GmbH Advisories (advisories x41-dsec de) X41 D-Sec GmbH Security Advisory: X41-2017-006 Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729 Confirmed Patched Versions: None Vendor: Sergei Pleis Softwareentwicklung Vend [ more ] [ reply ] WebKitGTK+ Security Advisory WSA-2017-0009 2017-11-10 Carlos Alberto Lopez Perez (clopez igalia com) [RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice 2017-11-09 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: XML External Entity Expansion in Ladon Webservice Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and read local files, forge server side requests or overload the service w [ more ] [ reply ] [SECURITY] [DSA 4029-1] postgresql-common security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) [SECURITY] [DSA 4028-1] postgresql-9.6 security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) [SECURITY] [DSA 4027-1] postgresql-9.4 security update 2017-11-09 Moritz Muehlenhoff (jmm debian org) Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674] 2017-11-09 brainn gmail com Credits ======= Brian Vincent, Michael Brumlow Software ======== Datto Windows Agent Vulnerability Details ===================== Discovered: Aug 25, 2017 Type: Remote code execution as LocalSystem Severity: Critical Description =========== CVE-2017-16673 Software: Datto Backup Agent for Windows, [ more ] [ reply ] AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-08 Asterisk Security Team (security asterisk org) AST-2017-010: Buffer overflow in CDR's set user 2017-11-08 Asterisk Security Team (security asterisk org) AST-2017-011: Memory leak in pjsip session resource 2017-11-08 Asterisk Security Team (security asterisk org) [SECURITY] [DSA 4020-1] chromium-browser security update 2017-11-07 Michael Gilbert (mgilbert debian org) CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06 Advisories (advisories compass-security com) ################################################################## # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/en/research/advisories/ # ################################################################## # # Product: iText PDF Library # Vendor: iText Group # CVE ID: CVE-2017-909 [ more ] [ reply ] Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05 ML (marialemos72 gmail com) * Proceedings by Springer ** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals ------------------------------------------------------------------------ --------------------------- WorldCist'18 - 6th World Conference on Information Systems and Technologies [ more ] [ reply ] Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec) 2017-11-05 apparitionsec gmail com [+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3430 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WEBMIN-v1.850-REMOTE-COMMAND- EXECUTION.txt [+] ISR: ApparitionSec Vulner [ more ] [ reply ] KL-001-2017-022 : Splunk Local Privilege Escalation 2017-11-03 KoreLogic Disclosures (disclosures korelogic com) KL-001-2017-022 : Splunk Local Privilege Escalation Title: Splunk Local Privilege Escalation Advisory ID: KL-001-2017-022 Publication Date: 2017.11.03 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt 1. Vulnerability Details Affected Vendor: Splunk Af [ more ] [ reply ] |
|
Privacy Statement |
* Proceedings by Springer
** Extended versions of best selected papers will be published in JCR/SCI/SSCI journals
------------------------------------------------------------------------
---------------------------
WorldCist'18 - 6th World Conference on Information Systems and Technologies
[ more ] [ reply ]