KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions
2017-10-24 KoreLogic Disclosures (disclosures korelogic com)
Title: Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions
Advisory ID: KL-001-2017-020
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advis

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation
2017-10-24 KoreLogic Disclosures (disclosures korelogic com)
Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation
Advisory ID: KL-001-2017-017
Publication Date: 2017.10.24
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-01

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service
2017-10-23 HPE Product Security Response Team (security-alert hpe com)
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03779en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03779en_us
Version: 1

[SECURITY] [DSA 4002-1] mysql-5.5 security update
2017-10-19 Salvatore Bonaccorso (carnil debian org)

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED]
2017-10-19 FreeBSD Security Advisories (security-advisories freebsd org)

[slackware-security] xorg-server (SSA:2017-291-03)
2017-10-18 Slackware Security Team (security slackware com)
New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patc

[slackware-security] wpa_supplicant (SSA:2017-291-02)
2017-10-18 Slackware Security Team (security slackware com)
New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[slackware-security] libXres (SSA:2017-291-01)
2017-10-18 Slackware Security Team (security slackware com)
New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/

WebKitGTK+ Security Advisory WSA-2017-0008
2017-10-18 Carlos Alberto Lopez Perez (clopez igalia com)

SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products
2017-10-18 SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data
2017-10-17 security-alert hpe com
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03789en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03789en_us
Version: 2
HP

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++
2017-10-16 SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege
2017-10-13 swpmb cyber-psrt microfocus com
Note: the current version of the following document is available here: https://softwaresupport.hpe.com/km/KM02987868
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: KM02987868
Version: 1
MFSBGN03786 rev.1 - HPE Connected Backup, Loca

Advisory X41-2017-010: Command Execution in Shadowsocks-libev
2017-10-13 X41 D-Sec GmbH Advisories (advisories x41-dsec de)
X41 D-Sec GmbH Security Advisory: X41-2017-010
Command Execution in Shadowsocks-libev
======================================
Overview
--------
Severity Rating: High
Confirmed Affected Versions: 3.1.0
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsocks/sh

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks
2017-10-13 X41 D-Sec GmbH Advisories (advisories x41-dsec de)
X41 D-Sec GmbH Security Advisory: X41-2017-008
Multiple Vulnerabilities in Shadowsocks
=======================================
Overview
--------
Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6
Confirmed Patched Versions: N/A
Vendor: Shadowsocks
Vendor URL: https://github.com/shadowsoc

[RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 "/ossim/report/wizard_email.php" Cross-Site Request Forgery leading to Sensitive Information Disclosure
2017-10-13 Julien Ahrens (info rcesecurity com)

Multiple vulnerabilities in OpenText Documentum Content Server
2017-10-13 Andrey B. Panfilov (andrew panfilov tel)
CVE Identifier: CVE-2017-15012
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
Description: Opentext Documentum Content Server (formerly known as EMC

[slackware-security] xorg-server (SSA:2017-279-03)
2017-10-06 Slackware Security Team (security slackware com)
New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patc

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1
2017-10-05 DefenseCode (defensecode defensecode com)
DefenseCode Security Advisory
Magento Commerce CSRF, Stored Cross Site Scripting
Advisory ID: DC-2017-09-001
Advisory Title: Magento CSRF, Stored Cross Site Scripting
Advisory URL: http://www.defensecode.com/advisories/DC-2017-09-001_Magento_CSRF_Stored_Cross_Site_Scri

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download
2017-10-03 security-alert hpe com
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03776en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03776en_us
Version: 1
HP

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities
2017-10-02 HPE Product Security Response Team (security-alert hpe com)
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbmu03753en_us
Version: 1

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx)
2017-10-01 apparitionsec gmail com
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14085-TRENDMICRO-OFFICESCAN-XG-REMOTE-NT-DOMAIN-PHP-INFO-DISCLOSURE.txt
[+] ISR: ApparitionSec
Vendor:
==================
www.trendmicro.com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx)
2017-10-01 apparitionsec gmail com
This email refers to the advisory found at
https://confluence.atlassian.com/x/EZ-1Nw .
CVE ID:
* CVE-2017-9514.
Product: Bamboo.
Affected Bamboo product versions:
6.0.0 <= version < 6.0.5
6.1.0 <= version < 6.1.4
6.2.0 <= version < 6.2.1
Fixe