DatabŠze Hot News -

Rok - ŕvod  2019  2018  2017  2016  2015  2014  2013  - 1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  List  - 2018  2017  2016  2015  2014  2013 

DatabŠze - ŕvod  Articles  »lŠnky  Bugtraq  Malware   Phishing  Vulnerebility  SANS  Mobil Virus  Exploit  ŕtoky  IDS/IPS  Techniky hackerý  Threatpost  Papers

- DatabŠze Hot News 2016 -

PoslednŪ aktualizace v 08.10.2016 14:19:38


2016


31.12.2016

Bugtraq

 

Malware

 

Phishing

no-reply@amazon.com

30th December 2016

Important message please read

Yahoo

29th December 2016

Un-avoidable Update

PayPall

29th December 2016

Your Account Has Ben Limited
until we hear from You

Vulnerebility

phpMyAdmin 'unserialize()' Function Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95055

NVIDIA GPU Driver CVE-2016-8813 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95057

NVIDIA GPU Driver CVE-2016-8814 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95054

NVIDIA GPU Driver CVE-2016-8818 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95056

NVIDIA GPU Driver CVE-2016-8815 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95053

phpMyAdmin CVE-2016-6623 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95052

wolfSSL CVE-2016-7439 Local Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95050

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94536

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94531

NVIDIA GPU Driver CVE-2016-8816 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95051

phpMyAdmin CVE-2016-6619 SQL-Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95048

phpMyAdmin CVE-2016-6622 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95049

Multiple Netgear Routers VU#582384 Remote Command Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94819

phpMyAdmin CVE-2016-6615 Multiple Cross Site Scripting Vulnerabilities
2016-12-30
http://www.securityfocus.com/bid/95041

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-12-30
http://www.securityfocus.com/bid/94533

NVIDIA GPU Driver CVE-2016-8820 Local Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95045

phpMyAdmin CVE-2016-6618 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95047

phpMyAdmin CVE-2016-6617 SQL-Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95044

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94535

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94528

phpMyAdmin CVE-2016-6616 SQL-Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95042

Xen CVE-2016-10025 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95026

NVIDIA GPU Driver CVE-2016-8822 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95014

Cisco CloudCenter Orchestrator CVE-2016-9223 Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95024

NVIDIA GPU Driver CVE-2016-8821 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95025

Multiple Cisco Intercloud Fabric CVE-2016-9217 Remote Security Bypass Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95023

Xen CVE-2016-10024 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95021

SISCO SNAP-Lite Utility CVE-2015-6574 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95022

Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95020OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93149

PHP CVE-2016-7480 Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95152

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-12-30
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93152

PHP CVE-2016-7479 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95151

PHP CVE-2016-7478 Remote Denial Of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95150

Multiple Huawei Products CVE-2016-8785 Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95149

GStreamer Good Plug-ins CVE-2016-9807 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95148

Swiftmailer CVE-2016-10074 Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95140

GStreamer Bad Plug-ins CVE-2016-9809 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95147

Oracle Fusion Middleware CVE-2016-5578 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93714

Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95146

DCMTK CVE-2015-8979 Stack Buffer Overflow Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94951

Oracle Fusion Middleware CVE-2016-5579 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93672

Oracle Fusion Middleware CVE-2016-5588 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93748

Oracle Fusion Middleware CVE-2016-5577 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93646

Oracle Fusion Middleware CVE-2016-5558 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93752

Oracle Fusion Middleware CVE-2016-5574 Remote Security Vulnerability
2016-12-30
http://www.securityfocus.com/bid/93754

IBM Security Guardium Database Activity Monitor CVE-2016-6065 Local Command Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95145

Pivotal Spring Security CVE-2016-9879 Security Bypass Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95142

Zend Framework 'zend-mail' Component Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95144

Multiple Huawei Products CVE-2016-8786 Denial of Service Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95139

tqdm CVE-2016-10075 Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95143

IBM License Metric Tool and BigFix Inventory CVE-2016-8966 Information Disclosure Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95138

PHPMailer CVE-2016-10045 Incomplete Fix Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95130

IBM AIX CVE-2016-8972 Local Privilege Escalation Vulnerability
2016-12-30
http://www.securityfocus.com/bid/94979

Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
2016-12-30
http://www.securityfocus.com/bid/92912

Multiple IBM Products CVE-2016-8980 XML External Entity Injection Vulnerability
2016-12-30
http://www.securityfocus.com/bid/95141

SANS News

Increase in Protocol 47 denys

More on Protocol 47 denys

Threats

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities

Exploit

Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site...

Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection

WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload

PHPMailer < 5.2.18 - Remote Code Execution (Python)

Android - get_user/put_user Exploit (Metasploit)

30.12.2016

Bugtraq

[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage 2016-12-28
Oleksandr Rudyy (orudyy gmail com)

PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) 2016-12-28
Dawid Golunski (dawid legalhackers com)

PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] 2016-12-27
Dawid Golunski (dawid legalhackers com)

[SECURITY] [DSA 3746-1] graphicsmagick security update 2016-12-24
Luciano Bello (luciano debian org)

Malware

TrojanDropper:Win32/Rubat!rfn
TrojanDropper:Win32/Rubat.A!bit

TrojanSpy:MSIL/Kostioul.A

TrojanDropper:VBS/Dropula.A

TrojanDropper:MSIL/Suloc.A!bit

TrojanDownloader:Win32/Broskod.A!bit

TrojanDownloader:MSIL/Excrevie!rfn

TrojanDownloader:MSIL/Excrevie.A

PWS:Win32/Mofksys!rfn

Backdoor:Win32/Kanav!rfn

Phishing

PayPall

29th December 2016

Your Account Has Ben Limited
until we hear from You

NORTON AUTHORIZED PARTNER

28th December 2016

Get the new Norton Security to
protect your computer! Now
only $34.99!

Vulnerebility

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93149

PHP CVE-2016-7480 Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95152

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-12-29
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-12-29
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93152

PHP CVE-2016-7479 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95151

PHP CVE-2016-7478 Remote Denial Of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95150

Multiple Huawei Products CVE-2016-8785 Information Disclosure Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95149

GStreamer Good Plug-ins CVE-2016-9807 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95148

Swiftmailer CVE-2016-10074 Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95140

GStreamer Bad Plug-ins CVE-2016-9809 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95147

Oracle Fusion Middleware CVE-2016-5578 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93714

Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95146

DCMTK CVE-2015-8979 Stack Buffer Overflow Vulnerability
2016-12-29
http://www.securityfocus.com/bid/94951

Oracle Fusion Middleware CVE-2016-5579 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93672

Oracle Fusion Middleware CVE-2016-5588 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93748

Oracle Fusion Middleware CVE-2016-5577 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93646

Oracle Fusion Middleware CVE-2016-5558 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93752

Oracle Fusion Middleware CVE-2016-5574 Remote Security Vulnerability
2016-12-29
http://www.securityfocus.com/bid/93754

IBM Security Guardium Database Activity Monitor CVE-2016-6065 Local Command Injection Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95145

Pivotal Spring Security CVE-2016-9879 Security Bypass Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95142

Zend Framework 'zend-mail' Component Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95144

Multiple Huawei Products CVE-2016-8786 Denial of Service Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95139

tqdm CVE-2016-10075 Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95143

IBM License Metric Tool and BigFix Inventory CVE-2016-8966 Information Disclosure Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95138

PHPMailer CVE-2016-10045 Incomplete Fix Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95130

IBM AIX CVE-2016-8972 Local Privilege Escalation Vulnerability
2016-12-29
http://www.securityfocus.com/bid/94979

Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
2016-12-29
http://www.securityfocus.com/bid/92912

Multiple IBM Products CVE-2016-8980 XML External Entity Injection Vulnerability
2016-12-29
http://www.securityfocus.com/bid/95141

SANS News

Using daemonlogger as a Software Tap

Threats

 

Exploit

SwiftMailer < 5.4.5-DEV - Remote Code Execution

WordPress Plugin Simply Poll 1.4.1 - SQL Injection

PHPMailer < 5.2.20 - Remote Code Execution

PHPMailer < 5.2.18 - Remote Code Execution (PHP)

29.12.2016

Bugtraq

[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage 2016-12-28
Oleksandr Rudyy (orudyy gmail com)

PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) 2016-12-28
Dawid Golunski (dawid legalhackers com)

PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] 2016-12-27
Dawid Golunski (dawid legalhackers com)

Malware

 

Phishing

service@paypaI.com

28th December 2016

WE NOTICED UNUSUAL ACTIVITY ON
YOUR ACCOUNT

Vulnerebility

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93793

cURL CVE-2016-4802 DLL Loading Local Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/90997

Multiple Samsung Devices 'OTP' Service Remote Heap Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95134

libming 'parser.c' Heap Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95133

html5lib Multiple Cross Site Scripting Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/95132

PHPMailer CVE-2016-10033 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95108

PyCrypto 'cryptmsg.py' Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95122

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93149

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-12-28
http://www.securityfocus.com/bid/91081

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/94627

Ignite Realtime Smack CVE-2016-10027 Man in the Middle Security Bypass Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95129

zlib Multiple Denial of Service Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/95131

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93177

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6308 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93151

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93150

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93153

OpenJPEG 'convert.c' Remote Heap Based Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93976

OpenJPEG 'convert.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93783

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93152

OpenJPEG CVE-2016-9114 Null Pointer Dereference Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93979

OpenJPEG 'convert.c' CVE-2016-9115 Remote Heap Based Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93977

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/92628

OpenJPEG CVE-2016-8332 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93242

OpenJPEG 'openjp2/pi.c' Divide-By-Zero Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/93978RTMPDump CVE-2015-8271 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95125

RTMPDump NULL pointer Dereference Remote Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95123

PyCrypto 'cryptmsg.py' Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95122

Firejail '/etc/resolv.conf' Remote Security Bypass Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95119

Nagios CVE-2016-8641 Local Privilege Escalation Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95121

Trane ComfortLink II CVE-2015-2868 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95118

TRANE COMFORTLINK II CVE-2015-2867 Hardcoded Credentials Security Bypass Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95120

IBM Jazz Foundation CVE-2016-6061 Cross Site Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95117

Tor CVE-2016-8860 Remote Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95116

IBM Jazz Foundation CVE-2016-6040 Remote Security Bypass Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95115

BitTorrent API Cross Site Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95112

Joomla Blog Calender 'index.php' SQL Injection Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95114

PHPMailer CVE-2016-10033 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95108

Apple iOS/tvOS/MacOS/watchOS Multiple Security Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/93054

Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/92053

Qt QXmlSimpleReader CVE-2016-10040 Stack Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95113

IBM Jazz Foundation CVE-2016-6030 Cross Site Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95110

Squid HTTP proxy Multiple Information Disclosure Vulnerabilities
2016-12-28
http://www.securityfocus.com/bid/94953

IBM Rational Products CVE-2016-2987 Information Disclosure Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95109

IBM Rational Products CVE-2016-6028 Information Disclosure Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95111

Roundcube CVE-2016-9920 Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/94858

Apache Xerces CVE-2016-2099 Use-After-Free Remote Code Execution Vulnerability
2016-12-28
http://www.securityfocus.com/bid/90502

IBM Security Access Manager CVE-2016-3043 Man in the Middle Information Disclosure Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95107

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-28
http://www.securityfocus.com/bid/83423

Samba Active Directory CVE-2015-8467 Denial of Service Vulnerability
2016-12-28
http://www.securityfocus.com/bid/79735

IBM InfoSphere Information Server CVE-2016-5984 Cross Frame Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95106

IBM Security Access Manager for Web CVE-2016-3045 Information Disclosure Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95103

IBM Campaign CVE-2016-0265 Unspecified Cross Site Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95100

IBM Business Process Manager CVE-2016-9731 Cross Site Scripting Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95105

OWASP AntiSamy CVE-2016-10006 Remote Security Bypass Vulnerability
2016-12-28
http://www.securityfocus.com/bid/95101

SANS News

Using daemonlogger as a Software Tap

Threats

Android Trojan Switcher Infects Routers via DNS Hijacking

Exploit

PHPMailer < 5.2.20 - Remote Code Execution

PHPMailer < 5.2.18 - Remote Code Execution (PHP)

28.12.2016

Bugtraq

PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] 2016-12-27
Dawid Golunski (dawid legalhackers com)

[SECURITY] [DSA 3746-1] graphicsmagick security update 2016-12-24
Luciano Bello (luciano debian org)

Malware

 

Phishing

paypal

26th December 2016

Your account has been Iimited
!

PayPaI

26th December 2016

[TEMPORARY LOCKED] UNEXPECTED
ACTIVITY ON YOUR ACCOUNT

Amazon

25th December 2016

Your order of Amazon "Gift
Card - Email ..."

Vulnerebility

 

Trane ComfortLink II CVE-2015-2868 Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95118

TRANE COMFORTLINK II CVE-2015-2867 Hardcoded Credentials Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95120

IBM Jazz Foundation CVE-2016-6061 Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95117

Tor CVE-2016-8860 Remote Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95116

IBM Jazz Foundation CVE-2016-6040 Remote Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95115

BitTorrent API Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95112

Joomla Blog Calender 'index.php' SQL Injection Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95114

PHPMailer CVE-2016-10033 Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95108

Apple iOS/tvOS/MacOS/watchOS Multiple Security Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/93054

Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/92053

Qt QXmlSimpleReader CVE-2016-10040 Stack Buffer Overflow Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95113

IBM Jazz Foundation CVE-2016-6030 Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95110

Squid HTTP proxy Multiple Information Disclosure Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/94953

IBM Rational Products CVE-2016-2987 Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95109

IBM Rational Products CVE-2016-6028 Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95111

Roundcube CVE-2016-9920 Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/94858

Apache Xerces CVE-2016-2099 Use-After-Free Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/90502

IBM Security Access Manager CVE-2016-3043 Man in the Middle Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95107

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-27
http://www.securityfocus.com/bid/83423

Samba Active Directory CVE-2015-8467 Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79735

IBM InfoSphere Information Server CVE-2016-5984 Cross Frame Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95106

IBM Security Access Manager for Web CVE-2016-3045 Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95103

IBM Campaign CVE-2016-0265 Unspecified Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95100

IBM Business Process Manager CVE-2016-9731 Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95105

OWASP AntiSamy CVE-2016-10006 Remote Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95101

IBM Security Access Manager CVE-2016-3046 SQL Injection Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95104

Crypto++ CVE-2016-9939 Local Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/94854

Samba ldb 'ldb_wildcard_compare()' Function Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79731

Samba CVE-2015-7540 Remote Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79736

Samba CVE-2015-5252 Symlink Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79733
Apache Xerces CVE-2016-2099 Use-After-Free Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/90502

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-27
http://www.securityfocus.com/bid/83423

Samba Active Directory CVE-2015-8467 Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79735

IBM InfoSphere Information Server CVE-2016-5984 Cross Frame Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95106

IBM Security Access Manager for Web CVE-2016-3045 Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95103

IBM Campaign CVE-2016-0265 Unspecified Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95100

IBM Business Process Manager CVE-2016-9731 Cross Site Scripting Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95105

OWASP AntiSamy CVE-2016-10006 Remote Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95101

IBM Security Access Manager CVE-2016-3046 SQL Injection Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95104

Crypto++ CVE-2016-9939 Local Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/94854

Samba ldb 'ldb_wildcard_compare()' Function Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79731

Samba CVE-2015-7540 Remote Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79736

Samba CVE-2015-5252 Symlink Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79733

Symantec Norton Download Manager CVE-2016-6592 DLL Loading Remote Code Execution Vulnerability
2016-12-27
http://www.securityfocus.com/bid/94695

Samba CVE-2015-5296 Man in the Middle Multiple Security Bypass Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/79732

Samba ldb CVE-2015-5330 Multiple Information Disclosure Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/79734

Samba CVE-2015-5299 Remote Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/79729

Samba CVE-2016-2114 Remote Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/86011

Samba CVE-2016-2118 Man in the Middle Security Bypass Vulnerability
2016-12-27
http://www.securityfocus.com/bid/86002

Multiple IBM Products CVE-2016-6033 Cross Site Request Forgery Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95102

GraphicsMagick CVE-2016-7996 Heap Buffer Overflow Vulnerability
2016-12-27
http://www.securityfocus.com/bid/93464

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/92982

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-12-27
http://www.securityfocus.com/bid/92630

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/94625

IBM Sterling B2B Integrator Standard Edition CVE-2016-6020 Open Redirection Vulnerability
2016-12-27
http://www.securityfocus.com/bid/95098

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/93150

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-12-27
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-27
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-12-27
http://www.securityfocus.com/bid/91319

ImageMagick CVE-2016-3715 Arbitrary File Deletion Vulnerability
2016-12-27
http://www.securityfocus.com/bid/89852

SANS News

 

Threats

 

Exploit

 

26.12.2016

Bugtraq

[SECURITY] [DSA 3746-1] graphicsmagick security update 2016-12-24
Luciano Bello (luciano debian org)

[slackware-security] expat (SSA:2016-359-01) 2016-12-24
Slackware Security Team (security slackware com)

[slackware-security] openssh (SSA:2016-358-02) 2016-12-24
Slackware Security Team (security slackware com)

[slackware-security] httpd (SSA:2016-358-01) 2016-12-24
Slackware Security Team (security slackware com)

XAMPP Control Panel Memory Corruption Denial Of Service 2016-12-24
apparitionsec gmail com (HYP3RLINX)

Malware

 

Phishing

Amazon

25th December 2016

Your order of Amazon "Gift
Card - Email ..."

Amazon

24th December 2016

YOUR ORDER OF AMAZON "GIFT
CARD - EMAIL ..."

AOL

24th December 2016

Somebody has tagged your very
own account

Vulnerebility

Multiple Samsung Galaxy Product Information Disclosure Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95092

IBM Tivoli Storage Manager Operations Center CVE-2016-6046 Cross Site Scripting Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95093

Oracle MySQL CVE-2016-6664 Local Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93612

IBM Tivoli Storage Manager Operations Center CVE-2016-6044 Security Bypass Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95091

RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93614

IBM Tivoli Storage Manager Operations Center CVE-2016-6043 Local Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95090

Autodesk Design Review Multiple Remote Code Execution Vulnerabilities
2016-12-26
http://www.securityfocus.com/bid/95089

Avira Free Antivirus Local Memory Corruption Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95088

IBM Tivoli Storage Manager Operations Center CVE-2016-6045 Cross Site Request Forgery Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95087

Cloud Foundry UAA CVE-2016-6659 Privilege Escalation Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95085

libming CVE-2016-9827 Heap Buffer Overflow Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95086

Sophos XG Firewall '/userportal/Controller' Endpoint SQL Injection Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95084

Tiki Wiki CMS Groupware CVE-2016-9889 Multiple Cross Site Scripting Vulnerabilities
2016-12-26
http://www.securityfocus.com/bid/95083

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94625

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94448

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/73407

Huawei Smart Phones Multiple Security Vulnerabilities
2016-12-26
http://www.securityfocus.com/bid/95082

Info-ZIP UnZip CVE-2014-9913 Buffer Overflow Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95081

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94455

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94452

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94444

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94446

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-12-26
http://www.securityfocus.com/bid/94451

Katello CVE-2016-4397 Local Code Execution Vulnerability
2016-12-26
http://www.securityfocus.com/bid/95080

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-26
http://www.securityfocus.com/bid/93637

SANS News

Critical security update: PHPMailer 5.2.18 (CVE-2016-10033)

Time for some predictions

Looking for some emails

Threatpost

 

Exploit

Joomla! Component Blog Calendar - SQL Injection

FTPShell Server 6.36 - '.csv' Local Denial of Service

PHPMailer 5.2.17 - Remote Code Execution

25.12.2016

Bugtraq

[SECURITY] [DSA 3744-1] libxml2 security update 2016-12-23
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

Amazon

24th December 2016

YOUR ORDER OF AMAZON "GIFT
CARD - EMAIL ..."

AOL

24th December 2016

Somebody has tagged your very
own account

AOL

24th December 2016

Somebody has already tagged
your current user profile

Vulnerebility

Multiple Samsung Galaxy Product Information Disclosure Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95092

IBM Tivoli Storage Manager Operations Center CVE-2016-6046 Cross Site Scripting Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95093

Oracle MySQL CVE-2016-6664 Local Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93612

IBM Tivoli Storage Manager Operations Center CVE-2016-6044 Security Bypass Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95091

RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93614

IBM Tivoli Storage Manager Operations Center CVE-2016-6043 Local Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95090

Autodesk Design Review Multiple Remote Code Execution Vulnerabilities
2016-12-25
http://www.securityfocus.com/bid/95089

Avira Free Antivirus Local Memory Corruption Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95088

IBM Tivoli Storage Manager Operations Center CVE-2016-6045 Cross Site Request Forgery Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95087

Cloud Foundry UAA CVE-2016-6659 Privilege Escalation Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95085

libming CVE-2016-9827 Heap Buffer Overflow Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95086

Sophos XG Firewall '/userportal/Controller' Endpoint SQL Injection Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95084

Tiki Wiki CMS Groupware CVE-2016-9889 Multiple Cross Site Scripting Vulnerabilities
2016-12-25
http://www.securityfocus.com/bid/95083

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94625

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94448

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/73407

Huawei Smart Phones Multiple Security Vulnerabilities
2016-12-25
http://www.securityfocus.com/bid/95082

Info-ZIP UnZip CVE-2014-9913 Buffer Overflow Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95081

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94455

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94452

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94444

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94446

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-12-25
http://www.securityfocus.com/bid/94451

Katello CVE-2016-4397 Local Code Execution Vulnerability
2016-12-25
http://www.securityfocus.com/bid/95080

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-25
http://www.securityfocus.com/bid/93637

SANS News

 

Threatpost

 

Exploit

XAMPP Control Panel - Denial Of Service

24.12.2016

Bugtraq

[SECURITY] [DSA 3744-1] libxml2 security update 2016-12-23
Salvatore Bonaccorso (carnil debian org)

FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

 

Phishing

Amazon

24th December 2016

YOUR ORDER OF AMAZON "GIFT
CARD - EMAIL ..."

AOL

24th December 2016

Somebody has tagged your very
own account

AOL

24th December 2016

Somebody has already tagged
your current user profile

Vulnerebility

Multiple Samsung Galaxy Product Information Disclosure Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95092

IBM Tivoli Storage Manager Operations Center CVE-2016-6046 Cross Site Scripting Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95093

Oracle MySQL CVE-2016-6664 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93612

IBM Tivoli Storage Manager Operations Center CVE-2016-6044 Security Bypass Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95091

RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93614

IBM Tivoli Storage Manager Operations Center CVE-2016-6043 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95090

Autodesk Design Review Multiple Remote Code Execution Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95089

Avira Free Antivirus Local Memory Corruption Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95088

IBM Tivoli Storage Manager Operations Center CVE-2016-6045 Cross Site Request Forgery Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95087

Cloud Foundry UAA CVE-2016-6659 Privilege Escalation Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95085

libming CVE-2016-9827 Heap Buffer Overflow Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95086

Sophos XG Firewall '/userportal/Controller' Endpoint SQL Injection Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95084

Tiki Wiki CMS Groupware CVE-2016-9889 Multiple Cross Site Scripting Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95083

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94625

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94448

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/73407

Huawei Smart Phones Multiple Security Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95082

Info-ZIP UnZip CVE-2014-9913 Buffer Overflow Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95081

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94455

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94452

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94444

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94446

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94451

Katello CVE-2016-4397 Local Code Execution Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95080

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93637Multiple Samsung Galaxy Product Information Disclosure Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95092

IBM Tivoli Storage Manager Operations Center CVE-2016-6046 Cross Site Scripting Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95093

Oracle MySQL CVE-2016-6664 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93612

IBM Tivoli Storage Manager Operations Center CVE-2016-6044 Security Bypass Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95091

RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93614

IBM Tivoli Storage Manager Operations Center CVE-2016-6043 Local Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95090

Autodesk Design Review Multiple Remote Code Execution Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95089

Avira Free Antivirus Local Memory Corruption Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95088

IBM Tivoli Storage Manager Operations Center CVE-2016-6045 Cross Site Request Forgery Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95087

Cloud Foundry UAA CVE-2016-6659 Privilege Escalation Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95085

libming CVE-2016-9827 Heap Buffer Overflow Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95086

Sophos XG Firewall '/userportal/Controller' Endpoint SQL Injection Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95084

Tiki Wiki CMS Groupware CVE-2016-9889 Multiple Cross Site Scripting Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95083

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94625

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94448

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/73407

Huawei Smart Phones Multiple Security Vulnerabilities
2016-12-24
http://www.securityfocus.com/bid/95082

Info-ZIP UnZip CVE-2014-9913 Buffer Overflow Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95081

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94455

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94452

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94444

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94446

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-12-24
http://www.securityfocus.com/bid/94451

Katello CVE-2016-4397 Local Code Execution Vulnerability
2016-12-24
http://www.securityfocus.com/bid/95080

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-24
http://www.securityfocus.com/bid/93637

SANS News

Pinging All The Way

Threatpost

Apple Delays App Transport Security Deadline

Cisco Warns of Critical Flaw in CloudCenter Orchestrator Systems

Clever Facebook Hack Reveals Private Email Address of Any User

Exploit

OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading

Apache mod_session_crypto - Padding Oracle

OpenSSH < 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Sockets...

23.12.2016

Bugtraq

FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2014-4138: MSIE 11 MSHTML CPaste­Command::Convert­Bitmapto­Png heap-based buffer overflow 2016-12-21
Berend-Jan Wever (berendj nwever nl)

[SECURITY] [DSA 3732-2] php-ssh2 regression update 2016-12-21
Sebastien Delafond (seb debian org)

ASP.NET Core 5-RC1 HTTP Header Injection 2016-12-21
Advisories (advisories compass-security com)

Malware

Backdoor.Pralice

Trojan.Ticno

Exp.CVE-2016-7297

Phishing

Bank of America Alert

22nd December 2016

Security Alert: Suspicious
Activity

AOL

22nd December 2016

An individual seems to have
marked your current profile
page

AOL

21st December 2016

A girl appears to have tagged
your very own personal profile

James Williams

21st December 2016

mpsv@live.com Payment Attached

Paul Davis

21st December 2016

Finally 100% Binary Autopilot
robot [DOWNLOAD LINK for
mpsv@live.com]

Vulnerebility

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94625

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94448

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/73407

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94455

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94452

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94444

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94446

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94451

Katello CVE-2016-4397 Local Code Execution Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95080

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/93623

Python 'urrlib2/urllib/httplib/http.client' HTTP Header Injection Vulnerability
2016-12-23
http://www.securityfocus.com/bid/91226

Python CVE-2016-5636 Heap Buffer Overflow Vulnerability
2016-12-23
http://www.securityfocus.com/bid/91247

Python smtplib CVE-2016-0772 Man in the Middle Security Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/91225

Apache HTTP Server CVE-2016-0736 Remote Security Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95078

Multiple Huawei Products CVE-2016-8784 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95079

Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95077

Apache HTTP Server CVE-2016-2161 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95076

Xen CVE-2016-10024 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95021

Xen CVE-2016-10025 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95026

Xen CVE-2016-9932 Information Disclosure Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94863

QEMU 'VIRTIO_GPU_CMD_SET_SCANOUT()' Function Out of Bounds Read Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94978

QEMU 'virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94981QEMU 'VIRTIO_GPU_CMD_SET_SCANOUT()' Function Out of Bounds Read Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94978

QEMU 'virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94981

BMC Remedy Action Request System CVE-2016-2349 Password Reset Security Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95075

Multiple WAGO Products CVE-2016-9362 Authentication Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95074

BlueZ CVE-2016-7837 Local Buffer Overflow Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95067

RedHat keycloak CVE-2016-8609 Session Hijacking Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95070

Spring Framework CVE-2016-9878 Directory Traversal Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95072

Fidelix FX-20 Series Controllers CVE-2016-9364 Directory Traversal Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95073

FreeIPA CVE-2016-9575 Insecure File Permissions Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95068

NetApp Snap Creator Framework CVE-2016-7172 Local Information Disclosure Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95069

Pivotal RabbitMQ Products CVE-2016-9877 Authentication Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95065

wolfSSLCVE-2016-7438 Local Information Disclosure Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95066

Tarantool Msgpuck CVE-2016-9036 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95064

SKYSEA Client View CVE-2016-7836 Arbitrary Code Execution Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95062

H2O CVE-2016-7835 Use After Free Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95061

Tarantool CVE-2016-9037 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95063

Vesta Control Panel 'bin/v-get-web-domain-value' Script Local Command Injection Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95060

NVIDIA GPU Driver CVE-2016-8817 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95059

NVIDIA GPU Driver CVE-2016-8819 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95058

phpMyAdmin 'unserialize()' Function Remote Code Execution Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95055

NVIDIA GPU Driver CVE-2016-8813 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95057

NVIDIA GPU Driver CVE-2016-8814 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95054

NVIDIA GPU Driver CVE-2016-8818 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95056

NVIDIA GPU Driver CVE-2016-8815 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95053

phpMyAdmin CVE-2016-6623 Denial of Service Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95052

wolfSSL CVE-2016-7439 Local Information Disclosure Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95050

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94536

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-12-23
http://www.securityfocus.com/bid/94531

NVIDIA GPU Driver CVE-2016-8816 Local Privilege Escalation Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95051

phpMyAdmin CVE-2016-6619 SQL-Injection Vulnerability
2016-12-23
http://www.securityfocus.com/bid/95048

SANS News

 

Threatpost

Siemens Patches Insufficient Entropy Vulnerability in ICS Systems

NIST Calls for Submissions to Secure Data Against Quantum Computing

Exploit

macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap...

macOS < 10.12.2 / iOS < 10.2 - Broken Kernel Mach Port Name uref Handling...

macOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement

macOS 10.12.1 / iOS < 10.2 - powerd Arbitrary Port Replacement

macOS < 10.12.2 / iOS < 10.2 Kernel - ipc_port_t Reference Count Leak Due to...

macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free

macOS 10.12.1 Kernel - Writable Privileged IOKit Registry Properties Code Execution

Microsoft Internet Explorer 11 - MSHTML CPaste≠Command::Convert≠Bitmapto≠Png He...

Vesta Control Panel 0.9.8-16 - Local Privilege Escalation

IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation

22.12.2016

Bugtraq

[SECURITY] [DSA 3732-2] php-ssh2 regression update 2016-12-21
Sebastien Delafond (seb debian org)

ASP.NET Core 5-RC1 HTTP Header Injection 2016-12-21
Advisories (advisories compass-security com)

Malware

Ransom:Win32/Cerber

Backdoor.Pralice

Linux.Rakos

Phishing

 

Vulnerebility

NVIDIA GPU Driver CVE-2016-8817 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95059

NVIDIA GPU Driver CVE-2016-8819 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95058

phpMyAdmin 'unserialize()' Function Remote Code Execution Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95055

NVIDIA GPU Driver CVE-2016-8813 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95057

NVIDIA GPU Driver CVE-2016-8814 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95054

NVIDIA GPU Driver CVE-2016-8818 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95056

NVIDIA GPU Driver CVE-2016-8815 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95053

phpMyAdmin CVE-2016-6623 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95052

wolfSSL CVE-2016-7439 Local Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95050

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94536

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94531

NVIDIA GPU Driver CVE-2016-8816 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95051

phpMyAdmin CVE-2016-6619 SQL-Injection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95048

phpMyAdmin CVE-2016-6622 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95049

Multiple Netgear Routers VU#582384 Remote Command Injection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94819

phpMyAdmin CVE-2016-6615 Multiple Cross Site Scripting Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/95041

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/94533

NVIDIA GPU Driver CVE-2016-8820 Local Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95045

phpMyAdmin CVE-2016-6618 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95047

phpMyAdmin CVE-2016-6617 SQL-Injection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95044

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94535

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94528

phpMyAdmin CVE-2016-6616 SQL-Injection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95042

Xen CVE-2016-10025 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95026

NVIDIA GPU Driver CVE-2016-8822 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95014

Cisco CloudCenter Orchestrator CVE-2016-9223 Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95024

NVIDIA GPU Driver CVE-2016-8821 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95025

Multiple Cisco Intercloud Fabric CVE-2016-9217 Remote Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95023

Xen CVE-2016-10024 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95021
Xen CVE-2016-10025 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95026

NVIDIA GPU Driver CVE-2016-8822 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95014

Cisco CloudCenter Orchestrator CVE-2016-9223 Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95024

NVIDIA GPU Driver CVE-2016-8821 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95025

Multiple Cisco Intercloud Fabric CVE-2016-9217 Remote Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95023

Xen CVE-2016-10024 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95021

SISCO SNAP-Lite Utility CVE-2015-6574 Denial of Service Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95022

Apache Tika CVE-2015-3271 Remote Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95020

Intel PROSet/Wireless Software and Drivers CVE-2016-8104 Local Buffer Overflow Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95017

Cisco Jabber Guest Server CVE-2016-9224 Open Redirection Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95016

cURL/libcURL CVE-2016-9586 Buffer Overflow Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95019

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/94527

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/94530

NVIDIA GPU Driver CVE-2016-8824 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95015

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94534

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/94523

BlueZ Buffer Overflow and Denial of Service Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/95013

SAP Solman Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/92949

BMC Patrol CVE-2016-9638 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95009

Multiple Intel Products CVE-2016-8103 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95012

Apport Multiple Security Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/95011

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-12-22
http://www.securityfocus.com/bid/94524

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/94521

b2evolution CVE-2016-9479 Security Bypass Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95006

SPIP Multiple Cross Site Scripting Vulnerabilities
2016-12-22
http://www.securityfocus.com/bid/95008

Intel Wireless Bluetooth Drivers CVE-2016-8102 Local Privilege Escalation Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95010

Zikula CVE-2016-9835 Directory Traversal Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95005

IBM QRadar SIEM CVE-2016-2874 Information Disclosure Vulnerability
2016-12-22
http://www.securityfocus.com/bid/95003

SANS News

What are your 2017 infosec predictions?

Threatpost

New Wave of Hailstorm Spam Pelts Inboxes

Congressional Group Says Encryption Backdoors Are a Bad Idea

Exploit

IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation

21.12.2016

Bugtraq

[SECURITY] [DSA 3732-2] php-ssh2 regression update 2016-12-21
Sebastien Delafond (seb debian org)

ASP.NET Core 5-RC1 HTTP Header Injection 2016-12-21
Advisories (advisories compass-security com)

[SECURITY] [DSA 3743-1] python-bottle security update 2016-12-20
Sebastien Delafond (seb debian org)

CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free 2016-12-20
Berend-Jan Wever (berendj nwever nl)

[SECURITY] [DSA 3738-1] tomcat7 security update 2016-12-18
Sebastien Delafond (seb debian org)

Malware

Backdoor.Pralice

TrojanDownloader:JS/Stenago.A

Phishing

SunTrust Online

20th December 2016

Notification Alert: Update
your information

BB&T Bank

20th December 2016

BB&T BANK - PERSONAL
INFORMATION UPDATE

AOL

20th December 2016

new msg

NatWest Bank

20th December 2016

Important information about
your account

Vulnerebility

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-12-21
http://www.securityfocus.com/bid/94521

IBM QRadar SIEM CVE-2016-2874 Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/95003

IBM QRadar SIEM CVE-2016-2877 Local Security Bypass Vulnerability
2016-12-21
http://www.securityfocus.com/bid/95002

IBM QRadar SIEM CVE-2016-2876 Unspecified Command Injection Vulnerability
2016-12-21
http://www.securityfocus.com/bid/95001

IBM QRadar Security Information and Event Manager CVE-2016-2873 SQL Injection Vulnerability
2016-12-21
http://www.securityfocus.com/bid/95000

IBM QRadar SIEM CVE-2016-2878 Multiple Cross Site Request Forgery Vulnerabilities
2016-12-21
http://www.securityfocus.com/bid/95004

Rapid7 Nexpose CVE-2016-9757 Cross Site Scripting Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94996

Horde Groupware Multiple Cross Site Scripting Vulnerabilities
2016-12-21
http://www.securityfocus.com/bid/94997

dotCMS 'stName' Parameter SQL Injection Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94992

VMware ESXi CVE-2016-7463 HTML Injection Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94998

Samba CVE-2016-2126 Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94994

Red Hat OpenShift Enterprise CVE-2016-9592 Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94991

VMware vSphere Data Protection CVE-2016-7456 Authentication Bypass Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94990

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-12-21
http://www.securityfocus.com/bid/92984

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/93150

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/91704

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-21
http://www.securityfocus.com/bid/93793

Linux Kernel Multiple Local Memory Corruption Vulnerabilities
2016-12-21
http://www.securityfocus.com/bid/91451

Linux Kernel Local Memory Corruption and Integer Overflow Vulnerabilities
2016-12-21
http://www.securityfocus.com/bid/84305

IBM BigFix Remote CVE-2016-2935 Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94989

Samba CVE-2016-2125 User Impersonation Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94988

IBM BigFix Remote Control CVE-2016-2934 Cross Site Scripting Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94987

Siemens Desigo PX Web Modules CVE-2016-9154 Insufficient Entropy Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94962

foreman-debug CVE-2016-9593 Local Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94985

IBM BigFix Remote Control CVE-2016-2933 Directory Traversal Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94986

Multiple Symantec Products CVE-2016-6590 DLL Loading Local Privilege Escalation Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94279

IBM Tivoli Remote Control CVE-2016-2931 Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94984IBM BigFix Remote CVE-2016-2935 Denial of Service Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94989

Samba CVE-2016-2125 User Impersonation Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94988

IBM BigFix Remote Control CVE-2016-2934 Cross Site Scripting Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94987

Siemens Desigo PX Web Modules CVE-2016-9154 Insufficient Entropy Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94962

foreman-debug CVE-2016-9593 Local Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94985

IBM BigFix Remote Control CVE-2016-2933 Directory Traversal Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94986

Multiple Symantec Products CVE-2016-6590 DLL Loading Local Privilege Escalation Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94279

IBM Tivoli Remote Control CVE-2016-2931 Information Disclosure Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94984

IBM BigFix Remote Control CVE-2016-2932 Security Bypass Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94983

Libdwarf 'dwarf_util.c' Heap Based Buffer Overflow Vulnerability
2016-12-21
http://www.securityfocus.com/bid/94980

QEMU 'virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94981

IBM AIX CVE-2016-8972 Local Privilege Escalation Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94979

QEMU 'VIRTIO_GPU_CMD_SET_SCANOUT()' Function Out of Bounds Read Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94978

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93814

OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94977

IBM Tealeaf Customer Experience CVE-2015-4961 Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94976

OpenSSH CVE-2016-10012 Security Bypass Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94975

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94067

Cybozu Garoon CVE-2016-7803 SQL Injection Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94974

Cybozu Garoon CVE-2016-4909 Unspecified Cross Site Request Forgery Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94973

OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94972

Microsoft Windows Installer CVE-2016-7292 DLL Loading Local Privilege Escalation Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94768

Microsoft Windows CVE-2016-7295 Local Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94787

Microsoft Windows Crypto Driver CVE-2016-7219 Local Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94764

Microsoft .NET Framework CVE-2016-7270 Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94741

Samba CVE-2016-2123 Heap Based Buffer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94970

Expat CVE-2016-0718 Buffer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/90729

Cybozu Garoon Multiple Access Bypass Vulnerabilities
2016-12-20
http://www.securityfocus.com/bid/94966

Cybozu Garoon CVE-2016-4907 Unspecified Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94965

mini_httpd CVE-2015-1548 Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/73450

SANS News

What are your 2017 infosec predictions?

Threatpost

ShadowBrokers Dump Came from Internal Code Repository, Insider

In-Flight Entertainment System Flaws Put Passenger Data at Risk

New Decryptor Unlocks CryptXXX v3 Files

Wassenaar Renegotiation Will Be in Trump Administrationís Hands

Exploit

NETGEAR WNR2000v5 - Remote Code Execution

Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)

Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145)

Microsoft Internet Explorer 11 MSHTML - CSplice≠Tree≠Engine::Remove≠Splice Us...

Google Android - WifiNative::setHotlist Stack Overflow

20.12.2016

Bugtraq

CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free 2016-12-20
Berend-Jan Wever (berendj nwever nl)

[SECURITY] [DSA 3738-1] tomcat7 security update 2016-12-18
Sebastien Delafond (seb debian org)

Samsung DVR credentials encoded in base64 in cookie header 2016-12-17
Jacobo Avariento (spinfoo vuln gmail com)

[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16
security-alert hpe com

[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16
Sebastien Delafond (seb debian org)

Malware

Exp.CVE-2016-7202

Exp.CVE-2016-7283

Phishing

PayPal

19th December 2016

YOUR PAYPAL ACCOUNT HAS BEEN
LIMITED.

PayPal

18th December 2016

Unlock Your PayPal Account

Apple

17th December 2016

Please update your Account
Information

Tesco.com

17th December 2016

Tesco is giving you a chance
to shop for free.

AOL

16th December 2016

new message

Vulnerebility

Expat CVE-2016-0718 Buffer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/90729

mini_httpd CVE-2015-1548 Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/73450

OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94968

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93636

Cybozu Garoon CVE-2016-7802 Directory Traversal Vulnerability
2016-12-20
http://www.securityfocus.com/bid/94967

Libexpat Expat CVE-2012-6702 Predictable Random Number Generator Weakness
2016-12-20
http://www.securityfocus.com/bid/91483

Expat CVE-2016-4472 Incomplete Fix Remote Code Execution Vulnerability
2016-12-20
http://www.securityfocus.com/bid/91528

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/91159

Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2016-12-20
http://www.securityfocus.com/bid/52379

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/91081

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-20
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92628

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93152

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92552

PHP 'zip_stream.c' Integer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92099

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93623

PHP '/xmlrpc/libxmlrpc/simplestring.c' Heap Buffer Overflow Vulnerability
2016-12-20
http://www.securityfocus.com/bid/92095

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-12-20
http://www.securityfocus.com/bid/93149

SANS News

Mirai Scanning for Port 6789 Looking for New Victims

Threatpost

Insecure NAS Device Exposes 350 Ameriprise Investment Accounts

Google Unveils Cryptographic Library Test Suite Wycheproof

ShadowBrokers Dump Came from Internal Code Repository, Insider

In-Flight Entertainment System Flaws Put Passenger Data at Risk

Exploit

Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' /...

Google Chrome < 31.0.1650.48 - HTTP 1xx...

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)

Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution

Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command...

19.12.2016

Bugtraq

[SECURITY] [DSA 3738-1] tomcat7 security update 2016-12-18
Sebastien Delafond (seb debian org)

Samsung DVR credentials encoded in base64 in cookie header 2016-12-17
Jacobo Avariento (spinfoo vuln gmail com)

[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16
security-alert hpe com

[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16
Sebastien Delafond (seb debian org)

Malware

Backdoor.Telebot

Exp.CVE-2016-7892

Phishing

 

Vulnerebility

Samba CVE-2016-2119 Man in the Middle Security Bypass Vulnerability
2016-12-19
http://www.securityfocus.com/bid/91700

Squid HTTP proxy Multiple Information Disclosure Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/94953

Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92100

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/69648

POI CVE-2014-9527 Denial-Of-Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/77726

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/53487

Oracle Java SE and JRockit CVE-2016-3427 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86421

Oracle Java SE and JRockit CVE-2016-0695 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86438

Oracle Java SE and JRockit CVE-2016-3425 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86434

IBM WebSphere Application Server Liberty CVE-2016-0378 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93143

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/91453

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93013

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/68213

HP Version Control Repository Manager Multiple Security Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/94949

OpenSSL CVE-2000-1254 Security Bypass Vulnerability
2016-12-19
http://www.securityfocus.com/bid/90109

JasPer CVE-2016-9591 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94952

Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94950

DCMTK CVE-2015-8979 Stack Buffer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94951

libical CVE-2016-9584 Heap Based Buffer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94948

GNU glibc CVE-2016-6323 Infinite Loop Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92532

OpenVPN CVE-2016-6329 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92631

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93152

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93177

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92982

GNU glibc 'getaddrinfo()' Function Incomplete Fix Remote Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/88440

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93153
Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92100

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/69648

POI CVE-2014-9527 Denial-Of-Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/77726

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/53487

Oracle Java SE and JRockit CVE-2016-3427 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86421

Oracle Java SE and JRockit CVE-2016-0695 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86438

Oracle Java SE and JRockit CVE-2016-3425 Remote Security Vulnerability
2016-12-19
http://www.securityfocus.com/bid/86434

IBM WebSphere Application Server Liberty CVE-2016-0378 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93143

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/91453

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93013

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/68213

OpenSSL CVE-2000-1254 Security Bypass Vulnerability
2016-12-19
http://www.securityfocus.com/bid/90109

JasPer CVE-2016-9591 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94952

Apache Hadoop CVE-2016-5001 Local Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94950

DCMTK CVE-2015-8979 Stack Buffer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94951

libical CVE-2016-9584 Heap Based Buffer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/94948

GNU glibc CVE-2016-6323 Infinite Loop Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92532

OpenVPN CVE-2016-6329 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92631

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93152

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93177

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-19
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92982

GNU glibc 'getaddrinfo()' Function Incomplete Fix Remote Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/88440

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93153

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-12-19
http://www.securityfocus.com/bid/93171

SANS News

 

Threatpost

 

Exploit

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)

Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution

Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command...

WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection

Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection

Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection

18.12.2016

Bugtraq

[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16
security-alert hpe com

[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16
Sebastien Delafond (seb debian org)

CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom 2016-12-16
unlimitsec gmail com

Malware

 

Phishing

Tesco.com

17th December 2016

Tesco is giving you a chance
to shop for free.

AOL

16th December 2016

new message

PayPal

16th December 2016

We noticed unusual activity in
your PayPal account (Ref
#PP-003-760-771-972)

Vulnerebility

Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94947

Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/91501

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/89854

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/91453

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/83423

FlightGear CVE-2016-9956 Arbitrary File Overwrite Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94945

SimpleSAMLphp CVE-2016-9955 Security Bypass Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94946

Irregex CVE-2016-9954 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94942

Huawei Smart Phone P9 Wi-FI Driver Local Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94943

Huawei H60 CVE-2016-8783 Local Stack Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94944

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94067

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/93188

Huawei CloudEngine 12800 CVE-2016-8782 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94941

Redis CVE-2015-4335 EVAL Lua Sandbox Security Bypass Vulnerability
2016-12-18
http://www.securityfocus.com/bid/75034

Resteasy CVE-2016-9571 Remote Code Execution Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94940

libxml2 'HTMLparser.c' Out of Bounds Read Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/85267

Google Android AOSP Mail CVE-2016-3918 Information Disclosure Vulnerability
2016-12-18
http://www.securityfocus.com/bid/93299

Red Hat mod_cluster CVE-2016-8612 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94939

PLC WinProladder CVE-2016-8377 Stack Buffer Overflow Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94938

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/75154

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/75157

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2016-12-18
http://www.securityfocus.com/bid/75161

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/75156

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94851

OmniView ICSA-16-350-02 Multiple Information Disclosure Vulnerabilities
2016-12-18
http://www.securityfocus.com/bid/94937

RedHat Ceph CVE-2016-9579 Remote Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94936

Red Hat OpenShift Enterprise CVE-2016-8651 Information Disclosure Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94935

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94933

MongoDB CVE-2016-3104 Remote Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94929

FreeIPA CVE-2016-7030 Denial of Service Vulnerability
2016-12-18
http://www.securityfocus.com/bid/94934Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94947

Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/91501

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/89854

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/91453

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/83423

FlightGear CVE-2016-9956 Arbitrary File Overwrite Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94945

SimpleSAMLphp CVE-2016-9955 Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94946

Irregex CVE-2016-9954 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94942

Huawei Smart Phone P9 Wi-FI Driver Local Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94943

Huawei H60 CVE-2016-8783 Local Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94944

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94067

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/93188

Huawei CloudEngine 12800 CVE-2016-8782 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94941

Redis CVE-2015-4335 EVAL Lua Sandbox Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75034

Resteasy CVE-2016-9571 Remote Code Execution Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94940

libxml2 'HTMLparser.c' Out of Bounds Read Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/85267

Google Android AOSP Mail CVE-2016-3918 Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/93299

Red Hat mod_cluster CVE-2016-8612 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94939

PLC WinProladder CVE-2016-8377 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94938

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75154

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75157

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75161

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75156

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94851

OmniView ICSA-16-350-02 Multiple Information Disclosure Vulnerabilities
2016-12-17
http://www.securityfocus.com/bid/94937

RedHat Ceph CVE-2016-9579 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94936

Red Hat OpenShift Enterprise CVE-2016-8651 Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94935

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94933

MongoDB CVE-2016-3104 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94929

FreeIPA CVE-2016-7030 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94934Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94947

Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/91501

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/89854

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/91453

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/83423

FlightGear CVE-2016-9956 Arbitrary File Overwrite Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94945

SimpleSAMLphp CVE-2016-9955 Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94946

Irregex CVE-2016-9954 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94942

Huawei Smart Phone P9 Wi-FI Driver Local Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94943

Huawei H60 CVE-2016-8783 Local Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94944

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94067

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/93188

Huawei CloudEngine 12800 CVE-2016-8782 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94941

Redis CVE-2015-4335 EVAL Lua Sandbox Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75034

Resteasy CVE-2016-9571 Remote Code Execution Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94940

libxml2 'HTMLparser.c' Out of Bounds Read Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/85267

Google Android AOSP Mail CVE-2016-3918 Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/93299

Red Hat mod_cluster CVE-2016-8612 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94939

PLC WinProladder CVE-2016-8377 Stack Buffer Overflow Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94938

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75154

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75157

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75161

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/75156

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94851

OmniView ICSA-16-350-02 Multiple Information Disclosure Vulnerabilities
2016-12-17
http://www.securityfocus.com/bid/94937

RedHat Ceph CVE-2016-9579 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94936

Red Hat OpenShift Enterprise CVE-2016-8651 Information Disclosure Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94935

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94933

MongoDB CVE-2016-3104 Remote Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94929

FreeIPA CVE-2016-7030 Denial of Service Vulnerability
2016-12-17
http://www.securityfocus.com/bid/94934

SANS News

Blocking Powershell Connection via Windows Firewall.

Threatpost

Tales of WordPress Plugin Insecurity Overblown, Researchers Say

Nagios Core Patches Root, RCE Vulnerabilities

Remote Code Execution Bug Found in Ubuntu Quantal

SQL Injection Attack is Tied to Election Commission Breach

Exploit

iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking...

WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery

WHMCS Addon VMPanel 2.7.4 - SQL Injection

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service

DCMTK 3.6.0 storescp - Stack Buffer Overflow

ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

Orthanc DICOM Server 1.1.0 - Memory Corruption

16.12.2016

Bugtraq

[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16
security-alert hpe com

[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16
Sebastien Delafond (seb debian org)

CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom 2016-12-16
unlimitsec gmail com

CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free 2016-12-16
Berend-Jan Wever (berendj nwever nl)

MSIE 9 IEFRAME CMarkup­Pointer::Move­To­Gap use-after-free 2016-12-15
Berend-Jan Wever (berendj nwever nl)

Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15
Dawid Golunski (dawid legalhackers com)

Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability 2016-12-14
apparitionsec gmail com (hyp3rlinx)

Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability 2016-12-14
Secunia Research (remove-vuln secunia com)

CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
Berend-Jan Wever (berendj nwever nl)

Malware

 

Phishing

AOL

16th December 2016

Shes waiting for your answer!

AOL

15th December 2016

youve got an incoming message

AOL

15th December 2016

This woman is awaiting your
response!

Vulnerebility

Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/91501

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/89854

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/91453

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/83423

FlightGear CVE-2016-9956 Arbitrary File Overwrite Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94945

SimpleSAMLphp CVE-2016-9955 Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94946

Irregex CVE-2016-9954 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94942

Huawei Smart Phone P9 Wi-FI Driver Local Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94943

Huawei H60 CVE-2016-8783 Local Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94944

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94067

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/93188

Huawei CloudEngine 12800 CVE-2016-8782 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94941

Redis CVE-2015-4335 EVAL Lua Sandbox Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75034

Resteasy CVE-2016-9571 Remote Code Execution Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94940

libxml2 'HTMLparser.c' Out of Bounds Read Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/85267

Google Android AOSP Mail CVE-2016-3918 Information Disclosure Vulnerability
2016-12-16
http://www.securityfocus.com/bid/93299

Red Hat mod_cluster CVE-2016-8612 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94939

PLC WinProladder CVE-2016-8377 Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94938

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75154

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75157

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75161

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75156

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94851

OmniView ICSA-16-350-02 Multiple Information Disclosure Vulnerabilities
2016-12-16
http://www.securityfocus.com/bid/94937

RedHat Ceph CVE-2016-9579 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94936

Red Hat OpenShift Enterprise CVE-2016-8651 Information Disclosure Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94935

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94933

MongoDB CVE-2016-3104 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94929

FreeIPA CVE-2016-7030 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94934

Debian CVE-2016-1253 Remote Command Injection Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94931
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75154

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75157

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75161

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/75156

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94851

OmniView ICSA-16-350-02 Multiple Information Disclosure Vulnerabilities
2016-12-16
http://www.securityfocus.com/bid/94937

RedHat Ceph CVE-2016-9579 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94936

Red Hat OpenShift Enterprise CVE-2016-8651 Information Disclosure Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94935

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94933

MongoDB CVE-2016-3104 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94929

FreeIPA CVE-2016-7030 Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94934

Debian CVE-2016-1253 Remote Command Injection Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94931

JasPer 'jpc_t2cod.c' Remote Heap Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94925

Red Hat JBoss Enterprise Application Platform CVE-2016-9585 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94932

Huawei Firewall CVE-2016-8781 Remote Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94927

Joyent SmartOS CVE-2016-9033 Local Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94928

Joyent SmartOS CVE-2016-9034 Local Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94930

Joyent SmartOS CVE-2016-9035 Local Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94926

Matroska libEBML CVE-2016-1515 Multiple Double Free Denial of Service Vulnerabilities
2016-12-16
http://www.securityfocus.com/bid/94924

Joyent SmartOS CVE-2016-9032 Local Stack Buffer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94923

Nagios Core CVE-2016-9565 Remote Command Injection Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94922

Joyent SmartOS CVE-2016-9031 Local Integer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94921

Nagios CVE-2016-9566 Local Privilege Escalation Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94919

Python-RSA CVE-2016-1494 Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/79829

Fontconfig CVE-2016-5384 Local Privilege Escalation Vulnerability
2016-12-16
http://www.securityfocus.com/bid/92339

Sudo Local Information Disclosure Vulnerability
2016-12-16
http://www.securityfocus.com/bid/92615

cURL/libcURL CVE-2016-5420 Certificate Validation Security Bypass Vulnerability
2016-12-16
http://www.securityfocus.com/bid/92309

Linux kernel 'pcpu_extend_area_map()' Function Use After Free Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/90625

Joyent SmartOS CVE-2016-8733 Integer Overflow Vulnerability
2016-12-16
http://www.securityfocus.com/bid/94920

cURL/libcurl CVE-2016-5421 Local Use After Free Denial of Service Vulnerability
2016-12-16
http://www.securityfocus.com/bid/92306

SANS News

One, if by email, and two, if by EK: The Cerbers are coming!

Threatpost

Microsoft, Google to Block Flash by Default in Edge, Chrome

DNSChanger Exploit Kit Hijacks Routers, Not Browsers

Tales of WordPress Plugin Insecurity Overblown, Researchers Say

Exploit

Horos 2.1.0 Web Portal - Directory Traversal

Nagios < 4.2.4 - Privilege Escalation

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)

Orthanc DICOM Server 1.1.0 - Memory Corruption

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow

DCMTK 3.6.0 storescp - Stack Buffer Overflow

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service

Nagios < 4.2.2 - Arbitrary Code Execution

Nagios < 4.2.4 - Privilege Escalation

Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow

Microsoft Internet Explorer 9 IEFRAME - CMarkup::Remove≠Pointer≠Pos Use-After-Free (...

Microsoft Internet Explorer 9 MSHTML - CMarkup::Reload≠In≠Compat≠View Us...

15.12.2016

Bugtraq

MSIE 9 IEFRAME CMarkup­Pointer::Move­To­Gap use-after-free 2016-12-15
Berend-Jan Wever (berendj nwever nl)

Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15
Dawid Golunski (dawid legalhackers com)

Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability 2016-12-14
apparitionsec gmail com (hyp3rlinx)

Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability 2016-12-14
Secunia Research (remove-vuln secunia com)

CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
Berend-Jan Wever (berendj nwever nl)

[slackware-security] mozilla-firefox (SSA:2016-348-01) 2016-12-13
Slackware Security Team (security slackware com)

MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
Berend-Jan Wever (berendj nwever nl)

APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-8 Transporter 1.9.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-2 Safari 10.0.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-3 iTunes 12.5.4 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

Malware

Backdoor:Win32/Truvasys.D!dha
Backdoor:Win32/Truvasys.A!dha

Backdoor:Win32/Truvasys.C!dha

Backdoor:Win32/Myntor.A!dha

Phishing

 

Vulnerebility

Huawei Firewall CVE-2016-8781 Remote Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94927

Joyent SmartOS CVE-2016-9033 Local Stack Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94928

Joyent SmartOS CVE-2016-9034 Local Stack Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94930

Joyent SmartOS CVE-2016-9035 Local Stack Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94926

Matroska libEBML CVE-2016-1515 Multiple Double Free Denial of Service Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94924

Joyent SmartOS CVE-2016-9032 Local Stack Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94923

Nagios Core CVE-2016-9565 Remote Command Injection Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94922

Joyent SmartOS CVE-2016-9031 Local Integer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94921

Nagios CVE-2016-9566 Local Privilege Escalation Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94919

Python-RSA CVE-2016-1494 Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/79829

Fontconfig CVE-2016-5384 Local Privilege Escalation Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92339

Sudo Local Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92615

cURL/libcURL CVE-2016-5420 Certificate Validation Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92309

Linux kernel 'pcpu_extend_area_map()' Function Use After Free Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/90625

Joyent SmartOS CVE-2016-8733 Integer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94920

cURL/libcurl CVE-2016-5421 Local Use After Free Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92306

cURL/libcURL CVE-2016-5419 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92292

GNU Wget CVE-2016-4971 Arbitrary File Overwrite Vulnerability
2016-12-15
http://www.securityfocus.com/bid/91530

IBM Spectrum Scale and IBM GPFS Local Command Execution Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92408

MIT Kerberos KDC CVE-2016-3120 NULL Pointer Dereference Denial Of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92132

MIT Kerberos 5 CVE-2016-3119 NULL Pointer Dereference Remote Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/85392

powerpc-utils CVE-2014-8165 Remote Code Execution Vulnerability
2016-12-15
http://www.securityfocus.com/bid/72537

Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
2016-12-15
http://www.securityfocus.com/bid/85066

util-linux CVE-2016-5011 Local Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/91683

ISC DHCP CVE-2016-2774 Remote Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/84208

Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2016-12-15
http://www.securityfocus.com/bid/77544

MediaTek Driver CVE-2016-6492 Privilege Escalation Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92207

Google Android Mediaserver Multiple Privilege Escalation Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94134

Linux Kernel CVE-2014-4014 Local Privilege Escalation Vulnerability
2016-12-15
http://www.securityfocus.com/bid/67988

OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93776cURL/libcURL CVE-2016-8621 Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94101

cURL/libcURL CVE-2016-8616 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94094

NVIDIA Windows Kernel Mode Driver CVE-2016-8708 Local Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94918

cURL/libcURL CVE-2016-8622 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94105

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93150

Apple tvOS/Mac OS X/iOS CVE-2016-1823 Memory Corruption Vulnerability
2016-12-15
http://www.securityfocus.com/bid/90698

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92984

Apple Mac OS X Server APPLE-SA-2016-03-21-7 Multiple Security Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/85054

cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94107

cURL/libcURL CVE-2016-8624 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94103

cURL/libcURL CVE-2016-8623 Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94106

cURL/libcURL CVE-2016-8618 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94098

cURL CVE-2016-8620 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94102

cURL CVE-2016-8619 Remote Security Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94100

cURL/libcURL CVE-2016-8617 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94097

curl/libcURL CVE-2016-7167 Multiple Integer Overflow Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/92975

cURL/libcURL CVE-2016-7141 Certificate Validation Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92754

cURL/libcURL CVE-2016-8615 Cookie Injection Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94096

cURL/libcURL CVE-2016-5420 Certificate Validation Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92309

cURL/libcurl CVE-2016-5421 Local Use After Free Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92306

cURL/libcURL CVE-2016-5419 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/92292

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7414 Heap Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93004

PHP CVE-2016-7416 Stack Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93008

PHP 'ext/spl/spl_array.c' Remote Denial Of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93007

PHP 'ext/standard/var_unserializer.c' Memory Corruption Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93009

PHP CVE-2016-7412 Heap Based Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93005

PHP CVE-2016-7413 Use After Free Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/93006

SAP Download Manager Weak Encryption Local Security Weakness
2016-12-15
http://www.securityfocus.com/bid/84286

Apple iOS/WatchOS/tvOS CVE-2016-7626 Memory Corruption Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94852Apple iOS/WatchOS/tvOS CVE-2016-7626 Memory Corruption Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94852

Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94572

Multiple IBM Products CVE-2016-8943 Cross Site Scripting Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94917

Multiple IBM Products CVE-2016-8941 Cross Site Request Forgery Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94914

Adobe Flash Player APSB16-39 Unspecified Use After Free Remote Code Execution Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94877

Adobe Flash Player CVE-2016-7890 Unspecified Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94870

Adobe Flash Player APSB16-39 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94866

Adobe Flash Player APSB16-39 Multiple Unspecified Remote Code Execution Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94873

Adobe Flash Player APSB16-39 Multiple Unspecified Buffer Overflow Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94871

Apple Transporter CVE-2016-7666 Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94912

Apple iCloud for Windows CVE-2016-7614 Local Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94911

IBM Tivoli Storage Productivity Center CVE-2016-8942 Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94916

Apple Safari and iOS CVE-2016-7650 Cross Site Scripting Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94915

WebKit CVE-2016-7623 Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94913

Apple iOS/WatchOS/tvOS/Safari/iTunes/iCloud CVE-2016-7589 Memory Corruption Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94908

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94905

Apple Safari/Cloud/iTunes/iOS/tvOS Multiple Security Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94907

SAP HANA Cockpit Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94910

WebKit CVE-2016-7592 Denial of Service Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94909

Apple macOS APPLE-SA-2016-12-13-1 Multiple Security Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94903

Apple macOS/iOS/tvOS Multiple Security Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94906

Apple iOS/watchOS/macOS CVE-2016-7644 Remote Code Execution Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94904

SAP Mobile Defense & Security Remote Authorization Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94902

SAP HANA Cockpit Cross Site Scripting Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94897

SAP HANA Remote Authorization Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94898

SAP HANA XS Classic Information Disclosure Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94896

Cisco Email Security Appliance CVE-2016-6465 Remote Security Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94901

SAP Netweaver ABAP Remote Authorization Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94900

Visonic PowerLink2 Cross Site Scripting And Information Disclosure Vulnerabilities
2016-12-15
http://www.securityfocus.com/bid/94894

SAP Netweaver ABAP EA-DFPS Remote Authorization Bypass Vulnerability
2016-12-15
http://www.securityfocus.com/bid/94895

SANS News

Domaincop malpsam

Threatpost

Apple Fixes 97 Vulnerabilities Across macOS, iTunes, Safari, iCloud

Google Discloses Contents of Eight National Security Letters

Mirai Giving DDoS-as-a-Service Industry a Boost

Bug Hunters Prefer Communication Ovear Compensation

Exploit

APT - Repository Signing Bypass via Memory Allocation Failure

Adobe Animate 15.2.1.95 - Memory Corruption

14.12.2016

Bugtraq

CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
Berend-Jan Wever (berendj nwever nl)

[slackware-security] mozilla-firefox (SSA:2016-348-01) 2016-12-13
Slackware Security Team (security slackware com)

MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
Berend-Jan Wever (berendj nwever nl)

APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-8 Transporter 1.9.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-2 Safari 10.0.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-13-3 iTunes 12.5.4 2016-12-13
Apple Product Security (product-security-noreply lists apple com)

[slackware-security] kernel (SSA:2016-347-01) 2016-12-12
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2016-347-03) 2016-12-12
Slackware Security Team (security slackware com)

Malware

BrowserModifier:Win32/Clodaconas
BrowserModifer:Win32/Clodaconas

Backdoor.Telebot

Phishing

Pastor.Fred Wilson

13th December 2016

Here is the information;MTCN;
2133097115

AOL

12th December 2016

new message

Vulnerebility

Cisco Email Security Appliance CVE-2016-6465 Remote Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94901

SAP Netweaver ABAP Remote Authorization Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94900

Visonic PowerLink2 Cross Site Scripting And Information Disclosure Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94894

SAP Netweaver ABAP EA-DFPS Remote Authorization Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94895

Joomla! Core CVE-2016-9838 Remote Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94893

Apache Struts CVE-2016-8738 Denial of Service Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94657

Multiple Delta Electronics Products Local Buffer Overflow and Arbitrary File Access Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94887

SAP NetWeaver Directory Creation Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94890

Moxa DACenter Local Privilege Escalation and Denial of Service Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94891

SAP BusinessObjects BI Platform Remote Command Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94889

Joomla! CVE-2016-9837 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94892

SAP Business Objects Explorer Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94888

Multiple Huawei Smart Phones Drivers Stack Buffer Overflow and Heap Buffer Overflow Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/93530

McAfee VirusScan Enterprise for Windows DLL Loading Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94886

Mozilla Firefox MFSA2016-94 and MFSA2016-95 Multiple Security Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94885

Mozilla Firefox MFSA2016-94 Multiple Security Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94883

Mozilla Firefox ESR CVE-2016-9905 Denial of Service Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94884

SIMATIC S7-300 and S7-400 CPUs Denial of Service and Information Disclosure Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94820

SIMATIC WinCC and SIMATIC PCS 7 CVE-2016-9160 ActiveX Control Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94825

Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94882

XFINITY Gateway Technicolor CVE-2016-7454 Cross Site Request Forgery Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94881

Microsoft Office CVE-2016-7263 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94668

Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94662

Microsoft Office CVE-2016-7267 Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94664

Microsoft Office CVE-2016-7268 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94672

Microsoft Office CVE-2016-7291 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94671

Microsoft Office CVE-2016-7276 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94666

Microsoft Office CVE-2016-7290 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94670

Microsoft Office CVE-2016-7275 DLL Loading Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94665

Microsoft Windows Graphics Component CVE-2016-7259 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94771SIMATIC S7-300 and S7-400 CPUs Denial of Service and Information Disclosure Vulnerabilities
2016-12-14
http://www.securityfocus.com/bid/94820

SIMATIC WinCC and SIMATIC PCS 7 CVE-2016-9160 ActiveX Control Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94825

Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94882

XFINITY Gateway Technicolor CVE-2016-7454 Cross Site Request Forgery Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94881

Microsoft Office CVE-2016-7263 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94668

Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94662

Microsoft Office CVE-2016-7267 Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94664

Microsoft Office CVE-2016-7268 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94672

Microsoft Office CVE-2016-7291 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94671

Microsoft Office CVE-2016-7276 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94666

Microsoft Office CVE-2016-7290 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94670

Microsoft Office CVE-2016-7275 DLL Loading Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94665

Microsoft Windows Graphics Component CVE-2016-7259 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94771

Microsoft Office CVE-2016-7262 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94660

Microsoft Windows CVE-2016-7295 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94787

Microsoft Auto Updater for Mac CVE-2016-7300 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94784

Microsoft Windows Kernel CVE-2016-7258 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94736

Microsoft Office CVE-2016-7289 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94718

Microsoft Office CVE-2016-7264 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94769

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7260 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94785

Microsoft Windows CVE-2016-7271 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94734

Microsoft .NET Framework CVE-2016-7270 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94741

Microsoft Office CVE-2016-7277 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94715

Microsoft Windows Graphics Component CVE-2016-7273 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94752

Microsoft Windows Installer CVE-2016-7292 DLL Loading Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94768

Microsoft Office CVE-2016-7265 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94721

Microsoft Office CVE-2016-7298 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94720

Microsoft Windows Crypto Driver CVE-2016-7219 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94764

Microsoft Internet Explorer and Edge CVE-2016-7287 Remote Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94722

Microsoft Edge CVE-2016-7280 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94750Apache ActiveMQ CVE-2016-6810 HTML Injection Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94882

XFINITY Gateway Technicolor CVE-2016-7454 Cross Site Request Forgery Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94881

Microsoft Office CVE-2016-7263 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94668

Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94662

Microsoft Office CVE-2016-7267 Security Bypass Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94664

Microsoft Office CVE-2016-7268 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94672

Microsoft Office CVE-2016-7291 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94671

Microsoft Office CVE-2016-7276 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94666

Microsoft Office CVE-2016-7290 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94670

Microsoft Office CVE-2016-7275 DLL Loading Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94665

Microsoft Windows Graphics Component CVE-2016-7259 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94771

Microsoft Office CVE-2016-7262 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94660

Microsoft Windows CVE-2016-7295 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94787

Microsoft Auto Updater for Mac CVE-2016-7300 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94784

Microsoft Windows Kernel CVE-2016-7258 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94736

Microsoft Office CVE-2016-7289 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94718

Microsoft Office CVE-2016-7264 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94769

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7260 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94785

Microsoft Windows CVE-2016-7271 Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94734

Microsoft .NET Framework CVE-2016-7270 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94741

Microsoft Office CVE-2016-7277 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94715

Microsoft Windows Graphics Component CVE-2016-7273 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94752

Microsoft Windows Installer CVE-2016-7292 DLL Loading Local Privilege Escalation Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94768

Microsoft Office CVE-2016-7265 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94721

Microsoft Office CVE-2016-7298 Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94720

Microsoft Windows Crypto Driver CVE-2016-7219 Local Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94764

Microsoft Internet Explorer and Edge CVE-2016-7287 Remote Memory Corruption Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94722

Microsoft Edge CVE-2016-7280 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94750

Microsoft Internet Explorer and Edge CVE-2016-7282 Information Disclosure Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94724

Microsoft Windows Graphics Component CVE-2016-7272 Remote Code Execution Vulnerability
2016-12-14
http://www.securityfocus.com/bid/94739

SANS News

UAC Bypass in JScript Dropper

Threatpost

Adobe Patches 31 Vulnerabilities, Flash Zero-Day Under Attack

Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities

Beta Firmware Updates Available for Vulnerable Netgear Routers

Zcash Spurs Rash of Malicious Mining Software

Law Enforcement Targets Users of DDoS-For-Hire Services

Exploit

 

13.12.2016

Bugtraq

[slackware-security] kernel (SSA:2016-347-01) 2016-12-12
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2016-347-03) 2016-12-12
Slackware Security Team (security slackware com)

Apple iOS/tvOS/watchOS Remote memory corruption through certificate 2016-12-12
submit cxsec org

APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-12-3 tvOS 10.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-12
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure 2016-12-12
Mark Thomas (markt apache org)

[SECURITY] [DSA 3730-1] icedove security update 2016-12-11
Salvatore Bonaccorso (carnil debian org)

Malware

BrowserModifier:Win32/Linkhortry

Phishing

AOL

12th December 2016

new message

Wellsfargo Online

12th December 2016

Wells Fargo Fraud Prevention
Inquiry

Vulnerebility

Microsoft Windows Graphics Component CVE-2016-7259 Local Privilege Escalation Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94771

Microsoft Edge CVE-2016-7206 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94737

Microsoft Edge CVE-2016-7296 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94738

Microsoft Internet Explorer and Edge CVE-2016-7281 Security Bypass Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94723

Microsoft Edge CVE-2016-7286 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94748

Microsoft Edge CVE-2016-7288 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94749

Microsoft Internet Explorer and Edge CVE-2016-7279 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94719

Microsoft Windows Graphics Component CVE-2016-7257 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94755

Microsoft Edge CVE-2016-7181 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94735

Microsoft Windows Uniscribe CVE-2016-7274 Remote Code Execution Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94758

Microsoft Internet Explorer CVE-2016-7284 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94725

Microsoft Internet Explorer CVE-2016-7283 Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94726

Microsoft Internet Explorer CVE-2016-7278 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94716

Roundcube CVE-2016-9920 Remote Code Execution Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94858

Microsoft Edge CVE-2016-7202 Scripting Engine Remote Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94042

Adobe Digital Editions CVE-2016-7888 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94880

Adobe Flash Player APSB16-39 Unspecified Use After Free Remote Code Execution Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94877

EpubCheck CVE-2016-9487 XML External Entity Injection Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94864

Adobe Experience Manager CVE-2016-7885 Cross Site Request Forgery Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94876

Adobe Flash Player APSB16-39 Multiple Unspecified Remote Code Execution Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94873

IBM QRadar Security Information and Event Manager Local Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94861

Adobe ColdFusion Builder CVE-2016-7887 Unspecified Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94874

Adobe Digital Editions CVE-2016-7889 XML Entity Parsing Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94879

Adobe DNG Converter CVE-2016-7856 Unspecified Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94875

Adobe InDesign and InDesign Server CVE-2016-7886 Unspecified Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94868

Adobe RoboHelp CVE-2016-7891 Cross Site Scripting Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94878

Adobe Animate CVE-2016-7866 Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94872

Adobe Experience Manager Multiple Cross Site Scripting Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94869

Adobe Experience Manager and LiveCycle Multiple Cross Site Scripting Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94867

Adobe Flash Player APSB16-39 Multiple Unspecified Buffer Overflow Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94871Apple iOS/WatchOS/tvOS CVE-2016-7626 Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94852

Apple iOS APPLE-SA-2016-12-12-1 Multiple Security Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94850

Apple iOS and watchOS CVE-2016-7651 Security Bypass Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94851

PHP 'ext/standard/var.c' Incomplete Fix Use After Free Remote Code Execution Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94849

PHP 'ext/wddx/wddx.c' NULL pointer Dereference Remote Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94845

McAfee VirusScan Enterprise Multiple Security Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94823

IBM Jazz Reporting Service CVE-2016-5898 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94848

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94846

IBM Jazz Reporting Service CVE-2016-6047 Cross Site Scripting Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94843

IBM Jazz Reporting Service CVE-2016-5899 Cross Site Scripting Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94844

FFmpeg CVE-2016-7905 Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94837

FFmpeg 'libavcodec/g726.c' Out of Bounds Read Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94841

IBM Jazz Reporting Service CVE-2016-6054 Cross Site Scripting Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94842

Multiple Sony IPELA Engine IP Cameras Unspecified Remote Code Execution Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94840

FFmpeg CVE-2016-7555 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94838

FFmpeg 'libavformat/avidec.c' Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94839

FFmpeg CVE-2016-7562 Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94835

Huawei P9 and P9 Lite CVE-2016-8776 Security Bypass Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94836

FFmpeg CVE-2016-7502 Out of Bounds Read Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94834

FFmpeg CVE-2016-7785 Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94833

Sleipnir for Mac CVE-2016-7831 Remote Security Bypass Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94830

Huawei Storage Products CVE-2016-8801 Remote Privilege Escalation Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94832

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-13
http://www.securityfocus.com/bid/93793

Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94828

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94504

Bank of Tokyo Mitsubishi UFJ CVE-2016-7812 Man in the Middle Information Disclosure Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94829

Cybozu Dezie JVN#16781735 Multiple Security Bypass Vulnerabilities
2016-12-13
http://www.securityfocus.com/bid/94831

SIMATIC WinCC and SIMATIC PCS 7 CVE-2016-9160 ActiveX Control Security Bypass Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94825

QEMU 'qemu-char.c' Denial of Service Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94827

Linux Kernel CVE-2016-9576 Use After Free Memory Corruption Vulnerability
2016-12-13
http://www.securityfocus.com/bid/94821

SANS News

December 2016 Patch Tuesday Brief and Updates

Threatpost

Netgear Routers Remain Exposed to Critical Flaw

Apple Fixes 12 Vulnerabilities in iOS 10.2

Facebook Releases Free Certificate Transparency Monitoring Tool

Exploit

McAfee Virus Scan Enterprise for Linux - Remote Code Execution

Joomla Component DT Register - 'cat' SQL Injection

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery

Smart Guard Network Manager 6.3.2 - SQL Injection

iOS 10.1.x - Certificate File Memory Corruption

TP-LINK TD-W8151N - Denial of Service

Serva 3.0.0 HTTP Server - Denial of Service

Microsoft Internet Explorer 9 IEFRAME -...

12.12.2016

Bugtraq

[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure 2016-12-12
Mark Thomas (markt apache org)

[SECURITY] [DSA 3730-1] icedove security update 2016-12-11
Salvatore Bonaccorso (carnil debian org)

MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
Berend-Jan Wever (berendj nwever nl)

Symantec VIP Access Desktop Arbitrary DLL Execution 2016-12-09
apparitionsec gmail com - hyp3rlinx

Malware

Backdoor:Win32/Wingbird.A!dha

Linux.Mirai

Trojan.Gen.8

Phishing

 

Vulnerebility

Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/75973

Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/52379

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/93150

Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94572

Apple macOS CVE-2016-7584 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94571

iCloud Setup for Windows CVE-2016-7583 Remote Code Execution Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94570

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94569

Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94561

IBM BigFix Remote Control CVE-2016-2929 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94560

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94548FFmpeg CVE-2016-7502 Out of Bounds Read Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94834

FFmpeg CVE-2016-7785 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94833

Sleipnir for Mac CVE-2016-7831 Remote Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94830

Huawei Storage Products CVE-2016-8801 Remote Privilege Escalation Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94832

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-12
http://www.securityfocus.com/bid/93793

Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94828

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94504

McAfee VirusScan Enterprise Multiple Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94823

Bank of Tokyo Mitsubishi UFJ CVE-2016-7812 Man in the Middle Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94829

Cybozu Dezie JVN#16781735 Multiple Security Bypass Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94831

SIMATIC WinCC and SIMATIC PCS 7 CVE-2016-9160 ActiveX Control Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94825

QEMU 'qemu-char.c' Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94827

Linux Kernel CVE-2016-9576 Use After Free Memory Corruption Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94821

Linux Kernel 'net/ipv6/icmp.c' Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94824

OpenJPEG Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94822

SIMATIC S7-300 and S7-400 CPUs Denial of Service and Information Disclosure Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94820

Multiple Netgear Routers VU#582384 Remote Command Injection Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94819

Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94804Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94804

QEMU Divide By Zero Multiple Denial of Service Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94803

Cisco Prime Collaboration Assurance CVE-2016-9200 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94806

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94729

Cisco Firepower Management Center CVE-2016-6471 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94805

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94801

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94802

Cisco Emergency Responder CVE-2016-9208 Directory Traversal Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94800

Asterisk Open Source AST-2016-008 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94792

Cisco AsyncOS Software CVE-2016-9202 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94799

Multiple Cisco Products CVE-2016-9207 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94797

Cisco ASR 5000 Series Software CVE-2016-9203 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94790

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94786

Cisco Unified Communications Manager CVE-2016-9210 Directory Traversal Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94798

Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94795

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94789Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94804

QEMU Divide By Zero Multiple Denial of Service Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94803

Cisco Prime Collaboration Assurance CVE-2016-9200 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94806

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-12
http://www.securityfocus.com/bid/94729

Cisco Firepower Management Center CVE-2016-6471 Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94805

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94801

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94802

Cisco Emergency Responder CVE-2016-9208 Directory Traversal Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94800

Asterisk Open Source AST-2016-008 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94792

Cisco AsyncOS Software CVE-2016-9202 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94799

Multiple Cisco Products CVE-2016-9207 Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94797

Cisco ASR 5000 Series Software CVE-2016-9203 Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94790

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94786

Cisco Unified Communications Manager CVE-2016-9210 Directory Traversal Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94798

Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94795

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-12
http://www.securityfocus.com/bid/94789

SANS News

5 Questions to Ask your IoT Vendors; But Do Not Expect an Answer.

Threatpost

German Industrial Giant Victim of Cyber Espionage

Exploit

OpenSSL 1.1.0a/1.1.0b - Denial of Service

Smart Guard Network Manager 6.3.2 - SQL Injection

ARG-W4 ADSL Router - Multiple Vulnerabilities

Netgear R7000 - Cross-Site Scripting

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation

11.12.2016

Bugtraq

 

Malware

Trojan:Win64/Depriz.D!dha
Trojan:Win32/Depriz.C!dha

Trojan:Win32/Depriz.A!dha

Trojan:Win32/Depriz.B!dha

Trojan:Win32/Cadlotcorg.A

Win32/Depriz

X97M.Goldendrop

Phishing

Email Administrator

10th December 2016

Account Suspection Notice

Bank of America

9th December 2016

Bank of America Alert: Your
Online Access is Temporarily
Locked

Vulnerebility

Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94804

QEMU Divide By Zero Multiple Denial of Service Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94803

Cisco Prime Collaboration Assurance CVE-2016-9200 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94806

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94729

Cisco Firepower Management Center CVE-2016-6471 Information Disclosure Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94805

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94801

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94802

Cisco Emergency Responder CVE-2016-9208 Directory Traversal Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94800

Asterisk Open Source AST-2016-008 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94792

Cisco AsyncOS Software CVE-2016-9202 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94799

Multiple Cisco Products CVE-2016-9207 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94797

Cisco ASR 5000 Series Software CVE-2016-9203 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94790

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94786

Cisco Unified Communications Manager CVE-2016-9210 Directory Traversal Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94798

Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94795

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94789
Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94804

QEMU Divide By Zero Multiple Denial of Service Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94803

Cisco Prime Collaboration Assurance CVE-2016-9200 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94806

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-11
http://www.securityfocus.com/bid/94729

Cisco Firepower Management Center CVE-2016-6471 Information Disclosure Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94805

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94801

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94802

Cisco Emergency Responder CVE-2016-9208 Directory Traversal Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94800

Asterisk Open Source AST-2016-008 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94792

Cisco AsyncOS Software CVE-2016-9202 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94799

Multiple Cisco Products CVE-2016-9207 Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94797

Cisco ASR 5000 Series Software CVE-2016-9203 Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94790

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94786

Cisco Unified Communications Manager CVE-2016-9210 Directory Traversal Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94798

Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94795

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-11
http://www.securityfocus.com/bid/94789Cisco Hybrid Media Service CVE-2016-6470 Local Privilege Escalation Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94818

Multiple Cisco Products CVE-2016-9209 Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94817

Cisco Nexus 1000V InterCloud CVE-2016-9204 Default Credentials Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94816

Cisco IOS Software CVE-2016-6473 Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94815

Cisco IOS XR Software CVE-2016-9205 Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94813

Cisco FireAMP Connector Endpoint Software CVE-2016-6449 Local Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94814

Cisco IOS XR Software CVE-2016-9215 Default Credential Local Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94812

Cisco IOS and Cisco IOS XE Software CVE-2016-9201 Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94811

Cisco Identity Services Engine CVE-2016-9198 Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94810

IBM Tivoli Storage Manager Client CVE-2016-5985 Local Buffer Overflow Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94808

Microsoft Remote Desktop Client for Mac Remote Code Execution Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94809

Cisco Identity Services Engine CVE-2016-9214 Cross Site Scripting Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94807

Drupal JavaScript Callback Handler Module Multiple Unspecified Security Vulnerabilities
2016-12-10
http://www.securityfocus.com/bid/94804

QEMU Divide By Zero Multiple Denial of Service Vulnerabilities
2016-12-10
http://www.securityfocus.com/bid/94803

Cisco Prime Collaboration Assurance CVE-2016-9200 Cross Site Scripting Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94806

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-10
http://www.securityfocus.com/bid/94729

Cisco Firepower Management Center CVE-2016-6471 Information Disclosure Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94805

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94801

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94802

Cisco Emergency Responder CVE-2016-9208 Directory Traversal Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94800

Asterisk Open Source AST-2016-008 Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94792

Cisco AsyncOS Software CVE-2016-9202 Cross Site Scripting Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94799

Multiple Cisco Products CVE-2016-9207 Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94797

Cisco ASR 5000 Series Software CVE-2016-9203 Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94790

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94786

Cisco Unified Communications Manager CVE-2016-9210 Directory Traversal Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94798

Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94795

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-10
http://www.securityfocus.com/bid/94789

SANS News

Mirai - now with DGA

Threatpost

Yahoo Mail XSS Bug Worth Another $10K to Researcher

Ransomware Gives Free Decryption Keys to Victims Who Infect Others

Exploit

Microsoft Internet Explorer 9 MSHTML - CElement::Has≠Flag Memory Corruption

Microsoft Internet Explorer 9 MSHTML - CDisp≠Node::Insert≠Sibling≠Node Us...

Microsoft Internet Explorer 9 MSHTML - CDisp≠Node::Insert≠Sibling≠Node Us...

Splunk Enterprise 6.4.3 - Server-Side Request Forgery

Roundcube 1.2.2 - Remote Code Execution

9.12.2016

Bugtraq

MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
Berend-Jan Wever (berendj nwever nl)

Symantec VIP Access Desktop Arbitrary DLL Execution 2016-12-09
apparitionsec gmail com - hyp3rlinx

AST-2016-009: <br> 2016-12-08
Asterisk Security Team (security asterisk org)

AST-2016-008: Crash on SDP offer or answer from endpoint using Opus 2016-12-08
Asterisk Security Team (security asterisk org)

CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
Berend-Jan Wever (berendj nwever nl)

[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information 2016-12-07
security-alert hpe com

Malware

 

Phishing

AOL

8th December 2016

Somebody seems to have marked
your current account

Chase online

8th December 2016

New Security Alert

MR. Don C.John

8th December 2016

RE: 2016 VICTIMS COMPENSATION
FROM THE IMF BENIN

Vulnerebility

Cisco Emergency Responder CVE-2016-6468 Cross Site Request Forgery Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94786

Cisco AsyncOS Software CVE-2016-1411 Man in the Middle Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94791

Cisco Unified Communications Manager CVE-2016-9206 Cross Site Scripting Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94793

Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94789

Cisco IOS and IOS XE Software CVE-2016-9199 Directory Traversal Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94788

Multiple Moxa MiiNePort Products Information Disclosure and Security Bypass Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94783

Sauter NovaWeb Web HMI CVE-2016-5782 Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94782

A850 Telemetry Gateway Base Station CVE-2016-2274 Cross Site Scripting Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94781

PHP FormMail Generator VU#494015 Multiple Security Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94778

INTERSCHALT VDR G4e CVE-2016-9339 Directory Traversal Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94776

Symantec VIP Access Desktop DLL Loading CVE-2016-6593 Local Code Execution Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94731

Cisco AsyncOS CVE-2016-6469 Remote Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94775

Cisco IOS and IOS XE Software CVE-2016-6474 Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94773

Cisco Web Security Appliance CVE-2016-9212 Remote Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94774

Cisco ASR 5000 Series Aggregation Services Routers CVE-2016-6467 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94772

Cisco AnyConnect Secure Mobility Client CVE-2016-9192 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94770

QEMU '/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94765

libming 'parser.c' Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94767

Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94766

QEMU 'ehci_init_transfer()' Function Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94762

QEMU 'hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94760

QEMU '/hw/usb/redirect.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94759

QEMU 'virtio-gpu-3d.c' Information Disclosure Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94761

QEMU '/hw/display/virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94763

RETIRED: LibTIFF Multiple Security Vulnerabilites
2016-12-09
http://www.securityfocus.com/bid/94484

LibTIFF CVE-2016-9539 Memory Corruption Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94754

LibTIFF CVE-2016-9538 Integer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94753

LibTIFF CVE-2016-9534 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94743

LibTIFF CVE-2016-9536 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94745

LibTIFF CVE-2016-9535 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94744PHP FormMail Generator VU#494015 Multiple Security Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94778

INTERSCHALT VDR G4e CVE-2016-9339 Directory Traversal Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94776

Symantec VIP Access Desktop DLL Loading CVE-2016-6593 Local Code Execution Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94731

Cisco AsyncOS CVE-2016-6469 Remote Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94775

Cisco IOS and IOS XE Software CVE-2016-6474 Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94773

Cisco Web Security Appliance CVE-2016-9212 Remote Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94774

Cisco ASR 5000 Series Aggregation Services Routers CVE-2016-6467 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94772

Cisco AnyConnect Secure Mobility Client CVE-2016-9192 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94770

QEMU '/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94765

libming 'parser.c' Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94767

Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94766

QEMU 'ehci_init_transfer()' Function Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94762

QEMU 'hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94760

QEMU '/hw/usb/redirect.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94759

QEMU 'virtio-gpu-3d.c' Information Disclosure Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94761

QEMU '/hw/display/virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94763

RETIRED: LibTIFF Multiple Security Vulnerabilites
2016-12-09
http://www.securityfocus.com/bid/94484

LibTIFF CVE-2016-9539 Memory Corruption Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94754

LibTIFF CVE-2016-9538 Integer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94753

LibTIFF CVE-2016-9534 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94743

LibTIFF CVE-2016-9536 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94745

LibTIFF CVE-2016-9535 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94744

LibTIFF CVE-2016-9537 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94746

FFmpeg CVE-2016-8595 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94757

LibTIFF CVE-2016-9533 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94742

LibTIFF CVE-2016-9540 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94747

FFmpeg CVE-2016-9561 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94756

ForeScout CounterACT SecureConnector Agent Multiple Insecure File Creation Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94740

PwC ACE-ABAP CVE-2016-9832 Remote Code Execution Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94733

Libav Multiple Denial of Service Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94732Symantec VIP Access Desktop DLL Loading CVE-2016-6593 Local Code Execution Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94731

Cisco AsyncOS CVE-2016-6469 Remote Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94775

Cisco IOS and IOS XE Software CVE-2016-6474 Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94773

Cisco Web Security Appliance CVE-2016-9212 Remote Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94774

Cisco ASR 5000 Series Aggregation Services Routers CVE-2016-6467 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94772

Cisco AnyConnect Secure Mobility Client CVE-2016-9192 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94770

QEMU '/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94765
Cisco AsyncOS CVE-2016-6469 Remote Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94775

Cisco IOS and IOS XE Software CVE-2016-6474 Authentication Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94773

Cisco Web Security Appliance CVE-2016-9212 Remote Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94774

Cisco ASR 5000 Series Aggregation Services Routers CVE-2016-6467 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94772

Cisco AnyConnect Secure Mobility Client CVE-2016-9192 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94770

QEMU '/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94765

libming 'parser.c' Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94767

Apache CouchDB CVE-2016-8742 Local Privilege Escalation Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94766

QEMU 'ehci_init_transfer()' Function Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94762

QEMU 'hw/display/virtio-gpu.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94760

QEMU '/hw/usb/redirect.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94759

QEMU 'virtio-gpu-3d.c' Information Disclosure Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94761

QEMU '/hw/display/virtio-gpu-3d.c' Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94763

RETIRED: LibTIFF Multiple Security Vulnerabilites
2016-12-09
http://www.securityfocus.com/bid/94484

LibTIFF CVE-2016-9539 Memory Corruption Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94754

LibTIFF CVE-2016-9538 Integer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94753

LibTIFF CVE-2016-9534 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94743

LibTIFF CVE-2016-9536 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94745

LibTIFF CVE-2016-9535 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94744

LibTIFF CVE-2016-9537 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94746

FFmpeg CVE-2016-8595 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94757

LibTIFF CVE-2016-9533 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94742

LibTIFF CVE-2016-9540 Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94747

FFmpeg CVE-2016-9561 Denial of Service Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94756

ForeScout CounterACT SecureConnector Agent Multiple Insecure File Creation Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94740

PwC ACE-ABAP CVE-2016-9832 Remote Code Execution Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94733

Libav Multiple Denial of Service Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94732

SimpleSAMLphp CVE-2016-9814 Security Bypass Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94730

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-09
http://www.securityfocus.com/bid/94729

Info-ZIP UnZip 'zipinfo.c' Heap Buffer Overflow Vulnerability
2016-12-09
http://www.securityfocus.com/bid/94728

SANS News

 

Threatpost

Yahoo Mail XSS Bug Worth Another $10K to Researcher

NYU Students Apply Blockchain Solution to Electronic Voting Security

Exploit

 

8.12.2016

Bugtraq

CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
Berend-Jan Wever (berendj nwever nl)

[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information 2016-12-07
security-alert hpe com

Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07
Filippo Cavallarin (filippo cavallarin wearesegment com)

[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07
ESNC Security (secure esnc de)

CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
Berend-Jan Wever (berendj nwever nl)

Malware

W97M.Downloader.O

W97M.Downloader.N

Phishing

AOL

7th December 2016

Someone has now marked your
current profile page

AOL

7th December 2016

Gertrude78 has posted you a
buddy request

AOL

7th December 2016

Someone has recently tagged
your own account

AOL

7th December 2016

A woman has now marked your
current profile

AOL

7th December 2016

A girl has already tagged your
current profile

Wells Fargo Online Banking

7th December 2016

Wells Fargo Information
Updated

no-reply

7th December 2016

WE NEED YOUR HELP ASAP

service

7th December 2016

ACCOUNT NOTIFICATION

AOL

7th December 2016

Halle65 has placed a new
friend request

Vulnerebility

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-12-08
http://www.securityfocus.com/bid/73684

OpenJPEG CVE-2016-9675 Incomplete Fix Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94589

Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94585

Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94587

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94335

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94583

IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94582

Xen XSA-201 Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94581

Zurb Foundation tooltip Plugin 'foundation.tooltip.js' Cross Site Scripting Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94580

Neovim CVE-2016-1248 Command Execution Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94478

Multiple Micro Focus Products CVE-2016-5765 Directory Traversal Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94579

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93962

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93964

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93844

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93474

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93957

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93842

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93955

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93473

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93469

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/92904

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/92998
ForeScout CounterACT SecureConnector Agent Multiple Insecure File Creation Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94740

PwC ACE-ABAP CVE-2016-9832 Remote Code Execution Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94733

Libav Multiple Denial of Service Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94732

SimpleSAMLphp CVE-2016-9814 Security Bypass Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94730

QEMU VirtFS Multiple Denial of Service Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/94729

Info-ZIP UnZip 'zipinfo.c' Heap Buffer Overflow Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94728

ImageMagick 'coders/tiff.c' Remote Buffer Overflow Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94727

Xen XSA-201 Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94581

LibTIFF CVE-2015-8870 Integer Overflow Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94717

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/92258

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-08
http://www.securityfocus.com/bid/92261

Google Nexus CVE-2016-8400 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94713

Google Android CVE-2016-8396 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94712

Google Nexus CVE-2016-8397 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94714

Google Android CVE-2016-8399 Remote Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94708

Google Nexus Qualcomm Sound Driver CVE-2016-8410 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94709

Google Android NVIDIA Camera Driver CVE-2016-8395 Local Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94710

Google Android Package Manager CVE-2016-6774 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94705

Google Android Telephony CVE-2016-6763 Denial of Service Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94711

Google Android Mediaserver CVE-2016-6773 Information Disclosure Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94707

Google Android Framework APIs CVE-2016-6770 Remote Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94702

Google Android Smart Lock CVE-2016-6769 Local Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94703

Google Android CVE-2016-6771 Remote Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94706

Google Android CVE-2016-6762 Remote Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94700

Google Android Framesequence Library CVE-2016-6768 Remote Code Execution Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94704

Google Android Wi-Fi CVE-2016-6772 Remote Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94701

Xen CVE-2016-9637 Privilege Escalation Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94699

Tesla Gateway ECU CVE-2016-9337 Command Injection Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94697

Multple Locus Energy LGate products Products CVE-2016-5782 Command Injection Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94698

Sungard eTRAKiT3 CVE-2016-6566 SQL Injection Vulnerability
2016-12-08
http://www.securityfocus.com/bid/94696

SANS News

Good Cop; Bad Cop; Domain Cop?

Threatpost

New Call to Regulate IoT Security By Design

OpenVPN to Undergo Cryptographic Audit

Researchers Question Security in AMDís Upcoming Zen Chips

Buffer Overflow in BSD libc Library Patched
 

Buffer Overflow in BSD libc Library Patched

Solar Power Firm Patches Meters Vulnerable to Command Injection Attacks

Old Linux Kernel Code Execution Bug Patched

Exploit

Netgear R7000 - Command Injection

Windows x64 - Bind Shell TCP Shellcode (508 bytes)

7.12.2016

Bugtraq

[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07
ESNC Security (secure esnc de)

CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
Berend-Jan Wever (berendj nwever nl)

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption 2016-12-06
Berend-Jan Wever (berendj nwever nl)

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
Eissing Stefan (stefan eissing gmail com)

Malware

Ransom.Goldeneye

Phishing

AOL

7th December 2016

Halle65 has placed a new
friend request

AOL

6th December 2016

A person seems to have marked
your own account

service

6th December 2016

ACCOUNT NOTIFICATION

Vulnerebility

Google Android CVE-2016-6771 Remote Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94706

Google Android CVE-2016-6762 Remote Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94700

Google Android Framesequence Library CVE-2016-6768 Remote Code Execution Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94704

Google Android Wi-Fi CVE-2016-6772 Remote Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94701

Xen CVE-2016-9637 Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94699

Tesla Gateway ECU CVE-2016-9337 Command Injection Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94697

Multple Locus Energy LGate products Products CVE-2016-5782 Command Injection Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94698

Sungard eTRAKiT3 CVE-2016-6566 SQL Injection Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94696

BSD libc CVE-2016-6559 Stack Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94694

Linux Kernel CVE-2016-2069 TLB Flush Local Security Bypass Vulnerability
2016-12-07
http://www.securityfocus.com/bid/81809

Fortinet FortiOS CVE-2016-7542 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94690

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93793

Linux Kernel CVE-2016-8655 Local Race Condition Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94692

Google Nexus Qualcomm components Multiple Information Disclosure Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94693

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92214

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92452

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93541

Linux Kernel Local Security Bypass Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92659

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92549

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-12-07
http://www.securityfocus.com/bid/93326

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93037

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/91704

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/91540

Linux Kernel NULL Pointer Dereference Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/61995

Google Android Qualcomm GPS Component CVE-2016-5341 Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94689

Google Nexus NVIDIA Video Driver Multiple Information Disclosure Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94691

ARJ 'decode.c' Local Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/73413

ARJ CVE-2015-0556 Directory Traversal Vulnerability
2016-12-07
http://www.securityfocus.com/bid/71860

ARJ CVE-2015-0557 Directory Traversal Vulnerability
2016-12-07
http://www.securityfocus.com/bid/71895Sungard eTRAKiT3 CVE-2016-6566 SQL Injection Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94696

BSD libc CVE-2016-6559 Stack Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94694

Linux Kernel CVE-2016-2069 TLB Flush Local Security Bypass Vulnerability
2016-12-07
http://www.securityfocus.com/bid/81809

Fortinet FortiOS CVE-2016-7542 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94690

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93793

Linux Kernel CVE-2016-8655 Local Race Condition Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94692

Google Nexus Qualcomm components Multiple Information Disclosure Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94693

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92214

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92452

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93541

Linux Kernel Local Security Bypass Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92659

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/92549

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-12-07
http://www.securityfocus.com/bid/93326

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/93037

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/91704

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-12-07
http://www.securityfocus.com/bid/91540

Linux Kernel NULL Pointer Dereference Local Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/61995

Google Android Qualcomm GPS Component CVE-2016-5341 Denial of Service Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94689

Google Nexus NVIDIA Video Driver Multiple Information Disclosure Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94691

ARJ 'decode.c' Local Buffer Overflow Vulnerability
2016-12-07
http://www.securityfocus.com/bid/73413

ARJ CVE-2015-0556 Directory Traversal Vulnerability
2016-12-07
http://www.securityfocus.com/bid/71860

ARJ CVE-2015-0557 Directory Traversal Vulnerability
2016-12-07
http://www.securityfocus.com/bid/71895

blkid 'blkid.c' Local Command Injection Vulnerability
2016-12-07
http://www.securityfocus.com/bid/71327

Google Android Mediaserver Multiple Denial of Service Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94688

Google Android Kernel Components Multiple Information Disclosure Vulnerabilites
2016-12-07
http://www.securityfocus.com/bid/94686

Google Android MediaTek I2C Driver CVE-2016-6788 Privilege Escalation Vulnerability
2016-12-07
http://www.securityfocus.com/bid/94687

Google Android Broadcom Wi-Fi Driver Multiple Privilege Escalation Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94685

Google Nexus Qualcomm Component CVE-2016-8411 Multiple Privilege Escalation Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94684

Google Android MediaTek Drivers Multiple Privilege Escalation Vulnerabilities
2016-12-07
http://www.securityfocus.com/bid/94683

SANS News

Attacking NoSQL applications

The Passwords You Should Never Use

Threatpost

DailyMotion Hack Leaks Emails, Passwords of 87M Users

Flash Exploit Found in Seven Exploit Kits

Hackers Gamify DDoS Attacks With Collaborative Platform

Critical Vulnerability Patched in Roundcube Webmail

Exploit

TP-LINK TD-W8951ND - Denial of Service

OpenSSH 7.2 - Denial of Service

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC)

Microsoft Edge - CBase≠Scriptable::Private≠Query≠Interface Memory Corruption (M...

Microsoft Internet Explorer jscript9 - Java≠Script≠Stack≠Walker Memory Corruption (M...

Dual DHCP DNS Server 7.29 - Denial of Service

6.12.2016

Bugtraq

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption 2016-12-06
Berend-Jan Wever (berendj nwever nl)

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
Eissing Stefan (stefan eissing gmail com)

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx

Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx

[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

Malware

SoftwareBundler:Win32/Prepscram.B 
SoftwareBundler:Win32/Prepscram.C 
PUA:Win32/Prepscram 
SoftwareBundler:Win32/Prepscram.A 
SoftwareBundler:Win32/Prepscram!rfn 

Phishing

PAYPAL_SUPPORT

6th December 2016

Confirm your account

Vulnerebility

BSD libc CVE-2016-6559 Stack Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94694

Linux Kernel CVE-2016-2069 TLB Flush Local Security Bypass Vulnerability
2016-12-06
http://www.securityfocus.com/bid/81809

Fortinet FortiOS CVE-2016-7542 Local Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94690

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93793

Linux Kernel CVE-2016-8655 Local Race Condition Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94692

Google Nexus Qualcomm components Multiple Information Disclosure Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94693

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92214

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92452

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93541

Linux Kernel Local Security Bypass Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92659

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92549

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-12-06
http://www.securityfocus.com/bid/93326

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93037

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/91704

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/91540

Linux Kernel NULL Pointer Dereference Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/61995

Google Android Qualcomm GPS Component CVE-2016-5341 Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94689

Google Nexus NVIDIA Video Driver Multiple Information Disclosure Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94691

ARJ 'decode.c' Local Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/73413

ARJ CVE-2015-0556 Directory Traversal Vulnerability
2016-12-06
http://www.securityfocus.com/bid/71860

ARJ CVE-2015-0557 Directory Traversal Vulnerability
2016-12-06
http://www.securityfocus.com/bid/71895

blkid 'blkid.c' Local Command Injection Vulnerability
2016-12-06
http://www.securityfocus.com/bid/71327

Google Android Mediaserver Multiple Denial of Service Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94688

Google Android Kernel Components Multiple Information Disclosure Vulnerabilites
2016-12-06
http://www.securityfocus.com/bid/94686

Google Android MediaTek I2C Driver CVE-2016-6788 Privilege Escalation Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94687

Google Android Broadcom Wi-Fi Driver Multiple Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94685

Google Nexus Qualcomm Component CVE-2016-8411 Multiple Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94684

Google Android MediaTek Drivers Multiple Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94683

Google Android Synaptics Touchscreen Driver Multiple Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94682Google Nexus NVIDIA Video Driver Multiple Local Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94667

Joomla! Core CVE-2016-9836 Arbitrary File Upload Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94663

McAfee Application Control and Endpoint Security CVE-2016-8010 Local Security Bypass Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94661

NetApp Plug-in for Symantec NetBackup CVE-2016-7171 Security Bypass Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94659

SPIP CVE-2016-9152 Cross Site Scripting Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94658

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94335

Mozilla Firefox CVE-2016-9065 Location Bar Spoofing Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94342

Mozilla Network Security Services CVE-2016-9074 Multiple Security Bypass Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94341

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94336

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94569

Mozilla Firefox CVE-2016-5296 Heap Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94339

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94591

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94337

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93618

Apache Struts CVE-2016-8738 Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94657

IBM Cloud Orchestrator CVE-2016-0206 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94656

OpenAFS Directory Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94651

Linux Kernel 'sound/core/pcm_lib.c' Local Use After Free Memory Corruption Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94654

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94643

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94640

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94638

Linux Kernel CVE-2016-9806 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94653

Linux Kernel 'net/core/sock.c' Multiple Local Memory Corruption Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94655

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/92987NetApp Plug-in for Symantec NetBackup CVE-2016-7171 Security Bypass Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94659

SPIP CVE-2016-9152 Cross Site Scripting Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94658

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94335

Mozilla Firefox CVE-2016-9065 Location Bar Spoofing Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94342

Mozilla Network Security Services CVE-2016-9074 Multiple Security Bypass Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94341

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94336

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94569

Mozilla Firefox CVE-2016-5296 Heap Buffer Overflow Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94339

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94591

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94337

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93618

Apache Struts CVE-2016-8738 Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94657

IBM Cloud Orchestrator CVE-2016-0206 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94656

OpenAFS Directory Information Disclosure Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94651

Linux Kernel 'sound/core/pcm_lib.c' Local Use After Free Memory Corruption Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94654

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94643

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94640

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94638

Linux Kernel CVE-2016-9806 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/94653

Linux Kernel 'net/core/sock.c' Multiple Local Memory Corruption Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94655

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93177

BlueZ Buffer Overflow and Denial of Service Vulnerabilities
2016-12-06
http://www.securityfocus.com/bid/94652

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-12-06
http://www.securityfocus.com/bid/93153

SANS News

 

Threatpost

Dirty Cow Vulnerability Patched in Android Security Bulletin

Exploit

Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index

Microsoft Edge - CMarkup::Ensure≠Delete≠CFState Use-After-Free (MS15-125)

Microsoft Internet Explorer 9 - CDoc::Execute≠Script≠Uri Use-After-Free (MS13-009)

Microsoft Edge - CBase≠Scriptable::Private≠Query≠Interface Memory Corruption (M...

Microsoft PowerShell - XML External Entity Injection

Microsoft Internet Explorer jscript9 - Java≠Script≠Stack≠Walker Memory Corruption (M...

Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap

DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow

Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection

Apache CouchDB 2.0.0 - Local Privilege Escalation

Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection

Microsoft Event Viewer 1.0 - XML External Entity Injection

NetCat 0.7.1 - Denial of Service

5.12.2016

Bugtraq

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
Eissing Stefan (stefan eissing gmail com)

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx

Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx

[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

Malware

Exploit:SWF/Dlcypt.A

SoftwareBundler:Win32/Bervisec
BrowserModifier:Win32/Riccietex

Phishing

Support Team

4th December 2016

Account Notification !

USAA

3rd December 2016

USAA ONLINE NEW MESSAGE FOR
YOUR VIEW

Vulnerebility

IBM AIX CVE-2016-0266 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/92150

Buffalo WNC01WH JVN#40613060 Multiple Security Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94648

Linux Kernel 'kvm/emulate.c' Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94615

Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42362

Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/42364

Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42358

Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42361

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42363

Linux Kernel CVE-2016-9755 Out of Bounds Write Security Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94626

Linux Kernel Multiple Local Memory Corruption Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/91451

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-05
http://www.securityfocus.com/bid/93793

Google Chrome Prior to 50.0.2661.102 Multiple Security Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/90584

IBM BigFix Remote Control CVE-2016-2937 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94646

IBM BigFix Remote Control CVE-2016-2936 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94645

IBM WebSphere Message Broker CVE-2016-6080 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94641

IBM Integration Bus CVE-2016-8918 Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94644

Dell SonicWALL Universal Management Suite SQL Injection Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94642

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94591

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94643

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2016-12-05
http://www.securityfocus.com/bid/62445

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94638

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94640

Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94639

IBM UrbanCode Deploy CVE-2016-2994 Cross Site Scripting Vulnerability
2016-12-05
http://www.securityfocus.com/bid/92870

Piwigo 'search_rules.php' Cross Site Scripting Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94637

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94488

Arista CloudVision Portal CVE-2016-9012 Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94635

RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/40759

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94627IBM BigFix Remote Control CVE-2016-2937 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94646

IBM BigFix Remote Control CVE-2016-2936 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94645

IBM WebSphere Message Broker CVE-2016-6080 Information Disclosure Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94641

IBM Integration Bus CVE-2016-8918 Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94644

Dell SonicWALL Universal Management Suite SQL Injection Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94642

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94591

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94643

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2016-12-05
http://www.securityfocus.com/bid/62445

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94638

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94640

Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94639

IBM UrbanCode Deploy CVE-2016-2994 Cross Site Scripting Vulnerability
2016-12-05
http://www.securityfocus.com/bid/92870

Piwigo 'search_rules.php' Cross Site Scripting Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94637

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94488

Arista CloudVision Portal CVE-2016-9012 Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94635

Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42362

Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42363

RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/40759

Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42358

Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
2016-12-05
http://www.securityfocus.com/bid/42361

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
2016-12-05
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/42364

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94627

GnuPG and Libgcrypt CVE-2016-6313 Local Predictable Random Number Generator Weakness
2016-12-05
http://www.securityfocus.com/bid/92527

Microsoft Windows UAC Protection Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94634

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94549

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-05
http://www.securityfocus.com/bid/94552

Google Chrome Prior to 55.0.2883.75 Multiple Security Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94633

Multiple Moxa NPort Products ICSA-16-336-02 Multiple Security Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/85965

Smiths-Medical CADD-Solis Medication Safety Software Multiple Security Bypass Vulnerabilities
2016-12-05
http://www.securityfocus.com/bid/94630

SANS News

Hancitor Maldoc Videos

Threatpost

EFF Blasts DEA in Ongoing Secret ĎSuper Search Engineí Lawsuit


New Large-Scale DDoS Attacks Follow Schedule

Exploit

Microsoft Event Viewer 1.0 - XML External Entity Injection

Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection

Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity...

Microsoft Excel Starter 2010 - XML External Entity Injection

Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection

Alcatel Lucent Omnivista 8770 - Remote Code Execution

BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution

Apache CouchDB 2.0.0 - Local Privilege Escalation

NetCat 0.7.1 - Denial of Service

DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow

Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

4.12.2016

Bugtraq

[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30
security-alert hpe com

Malware

 

Phishing

WellsfargoOnline

3rd December 2016

Wells Fargo Online

Capital One

2nd December 2016

Capital One Re-Validate
Account for Your Security

Vulnerebility

IBM BigFix Remote Control CVE-2016-2937 Information Disclosure Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94646

IBM BigFix Remote Control CVE-2016-2936 Information Disclosure Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94645

IBM WebSphere Message Broker CVE-2016-6080 Information Disclosure Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94641

IBM Integration Bus CVE-2016-8918 Security Bypass Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94644

Dell SonicWALL Universal Management Suite SQL Injection Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94642

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94591

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/94643

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2016-12-04
http://www.securityfocus.com/bid/62445

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94638

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94640

Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94639

IBM UrbanCode Deploy CVE-2016-2994 Cross Site Scripting Vulnerability
2016-12-04
http://www.securityfocus.com/bid/92870

Piwigo 'search_rules.php' Cross Site Scripting Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94637

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94488

Arista CloudVision Portal CVE-2016-9012 Security Bypass Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94635

Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
2016-12-04
http://www.securityfocus.com/bid/42362

Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
2016-12-04
http://www.securityfocus.com/bid/42363

RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/40759

Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
2016-12-04
http://www.securityfocus.com/bid/42358

Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
2016-12-04
http://www.securityfocus.com/bid/42361

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
2016-12-04
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/42364

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94627

GnuPG and Libgcrypt CVE-2016-6313 Local Predictable Random Number Generator Weakness
2016-12-04
http://www.securityfocus.com/bid/92527

Microsoft Windows UAC Protection Security Bypass Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94634

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/94549

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-04
http://www.securityfocus.com/bid/94552

Google Chrome Prior to 55.0.2883.75 Multiple Security Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/94633

Multiple Moxa NPort Products ICSA-16-336-02 Multiple Security Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/85965

Smiths-Medical CADD-Solis Medication Safety Software Multiple Security Bypass Vulnerabilities
2016-12-04
http://www.securityfocus.com/bid/94630
IBM BigFix Remote Control CVE-2016-2937 Information Disclosure Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94646

IBM BigFix Remote Control CVE-2016-2936 Information Disclosure Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94645

IBM WebSphere Message Broker CVE-2016-6080 Information Disclosure Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94641

IBM Integration Bus CVE-2016-8918 Security Bypass Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94644

Dell SonicWALL Universal Management Suite SQL Injection Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94642

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94591

Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/94643

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2016-12-03
http://www.securityfocus.com/bid/62445

QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94638

Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94640

Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94639

IBM UrbanCode Deploy CVE-2016-2994 Cross Site Scripting Vulnerability
2016-12-03
http://www.securityfocus.com/bid/92870

Piwigo 'search_rules.php' Cross Site Scripting Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94637

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94488

Arista CloudVision Portal CVE-2016-9012 Security Bypass Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94635

Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
2016-12-03
http://www.securityfocus.com/bid/42362

Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
2016-12-03
http://www.securityfocus.com/bid/42363

RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/40759

Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
2016-12-03
http://www.securityfocus.com/bid/42358

Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
2016-12-03
http://www.securityfocus.com/bid/42361

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
2016-12-03
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/42364

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94627

GnuPG and Libgcrypt CVE-2016-6313 Local Predictable Random Number Generator Weakness
2016-12-03
http://www.securityfocus.com/bid/92527

Microsoft Windows UAC Protection Security Bypass Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94634

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/94549

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-03
http://www.securityfocus.com/bid/94552

Google Chrome Prior to 55.0.2883.75 Multiple Security Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/94633

Multiple Moxa NPort Products ICSA-16-336-02 Multiple Security Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/85965

Smiths-Medical CADD-Solis Medication Safety Software Multiple Security Bypass Vulnerabilities
2016-12-03
http://www.securityfocus.com/bid/94630

SANS News

 

Threatpost

Google Fixes 12 High-Severity Flaws In Chrome Browser

Exploit

Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution

Xfinity Gateway - Remote Code Execution

2.12.2016

Bugtraq

[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30
security-alert hpe com

Malware

Exploit:SWF/Netis.C 
SoftwareBundler:Win32/Bervisec 
BrowserModifier:Win32/Riccietex 
SoftwareBundler:Win32/Dlhelper 

Linux.Horsepill

Phishing

Apple Store Service

1st December 2016

Apple Client Support (Ticket
Ref#:32951)

APPSTORE LD

1st December 2016

Renewal required

Vulnerebility

Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/42362

Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/42363

RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/40759

Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/42358

Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
2016-12-02
http://www.securityfocus.com/bid/42361

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/42364

libming 'read.c' Null Pointer Dereference Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94627

GnuPG and Libgcrypt CVE-2016-6313 Local Predictable Random Number Generator Weakness
2016-12-02
http://www.securityfocus.com/bid/92527

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94549

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94552

Google Chrome Prior to 55.0.2883.75 Multiple Security Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94633

Multiple Moxa NPort Products ICSA-16-336-02 Multiple Security Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/85965

Smiths-Medical CADD-Solis Medication Safety Software Multiple Security Bypass Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94630

Multiple Mitsubishi Electric MELSEC-Q Series Security Bypass and Denial of Service Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94632

Advantech SUSIAccess Server CVE-2016-9353 Local Privilege Escalation Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94631

Advantech SUSIAccess Server Directory Traversal and Information Disclosure Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94629

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94625

Serendipity CVE-2016-9752 SSRF Security Bypass Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94622

Linux Kernel 'IPv6 Implementation' Local Integer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94626

IBM BigFix Remote Control CVE-2016-2944 Information Disclosure Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94623

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94545

Linux Kernel Local Security Bypass Vulnerability
2016-12-02
http://www.securityfocus.com/bid/92659

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93037

IBM BigFix Remote Control CVE-2016-2948 Local Information Disclosure Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94619

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93541

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94335

IBM BigFix Remote Control CVE-2016-2940 Multiple Information Disclosure Vulnerabilites
2016-12-02
http://www.securityfocus.com/bid/94621

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94591

Huawei FusionAccess CVE-2016-8779 Command Injection Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94620Smiths-Medical CADD-Solis Medication Safety Software Multiple Security Bypass Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94630

Multiple Mitsubishi Electric MELSEC-Q Series Security Bypass and Denial of Service Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94632

Advantech SUSIAccess Server CVE-2016-9353 Local Privilege Escalation Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94631

Advantech SUSIAccess Server Directory Traversal and Information Disclosure Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94629

libming 'read.c' Null Pointer Deference Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94627

GraphicsMagick 'memory.c' Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94625

Serendipity CVE-2016-9752 SSRF Security Bypass Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94622

Linux Kernel 'IPv6 Implementation' Local Integer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94626

IBM BigFix Remote Control CVE-2016-2944 Information Disclosure Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94623

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94545

Linux Kernel Local Security Bypass Vulnerability
2016-12-02
http://www.securityfocus.com/bid/92659

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93037

IBM BigFix Remote Control CVE-2016-2948 Local Information Disclosure Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94619

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93541

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-02
http://www.securityfocus.com/bid/94335

IBM BigFix Remote Control CVE-2016-2940 Multiple Information Disclosure Vulnerabilites
2016-12-02
http://www.securityfocus.com/bid/94621

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94591

Huawei FusionAccess CVE-2016-8779 Command Injection Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94620

IBM BigFix Remote Control CVE-2016-2943 Local Information Disclosure Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94617

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-12-02
http://www.securityfocus.com/bid/92552

PHP CVE-2016-7131 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/92768

ImageMagick CVE-2016-9556 Heap Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94492

ImageMagick CVE-2016-8862 Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93794

ImageMagick CVE-2016-7906 Use After Free Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93271

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93264

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93598

Multiple Japan Pension Service Products CVE-2016-7818 DLL Loading Local Code Execution Vulnerability
2016-12-02
http://www.securityfocus.com/bid/94616

PHP 'ext/standard/var_unserializer.c' Memory Corruption Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93009

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7416 Stack Buffer Overflow Vulnerability
2016-12-02
http://www.securityfocus.com/bid/93008

SANS News

Tap Gigabit Networks on the Cheap

Protecting Powershell Credentials (NOT)

Threatpost

Rule 41 Opponents Vow to Fight Governmentís New Hacking Powers

Exploit

Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow

1.12.2016

Bugtraq

[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30
security-alert hpe com

[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege 2016-11-30
security-alert hpe com

[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution 2016-11-30
security-alert hpe com

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues 2016-11-30
FOXMOLE Advisories (advisories foxmole com)

[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access 2016-11-30
security-alert hpe com

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30
RedTeam Pentesting GmbH (release redteam-pentesting de)

XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)

Malware

W97M.Downloader.M

Phishing

APPSTORE LD

1st December 2016

Renewal required

noreply@amazon.com

30th November 2016

Important message please read

James B. Comey

29th November 2016

Executive Director FBI

Vulnerebility

PHP 'ext/standard/var_unserializer.c' Memory Corruption Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93009

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7416 Stack Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93008

PHP CVE-2016-7414 Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93004

PHP CVE-2016-7412 Heap Based Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93005

PHP 'ext/spl/spl_array.c' Remote Denial Of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93007

PHP CVE-2016-7413 Use After Free Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93006

PHP 'fopen_wrappers.c' Integer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92765

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92764

PHP CVE-2016-7132 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92767

PHP CVE-2016-7134 Heap Based Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92766

PHP '__wakeup()' Function Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92756

PHP 'wddx_deserialize()' Function Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92758

PHP 'ext/gd/gd.c' Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92757

PHP 'ext/gd/gd.c' Heap Based Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92755

PHP 'session.c' Use After Free Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92097

PHP 'ext/exif/exif.c' Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92564

PHP CVE-2016-6294 Local Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92115

PHP 'zip_stream.c' Integer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92099

PHP '/xmlrpc/libxmlrpc/simplestring.c' Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92095

PHP 'snmp.c' Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92094

PHP 'ext/exif/exif.c' Multiple Heap Based Buffer Overflow Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/89844

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/90173

PHP 'grapheme_string.c' Out of Bounds Read Local Memory Corruption Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/90172

PHP 'exif_process_IFD_in_MAKERNOTE' Out of Bounds Read Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92073

PHP 'exif.c' NULL Pointer Dereference Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92078

PHP CVE-2016-4539 Remote Denial Of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/90174

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/91821

PHP 'zend_virtual_cwd.c' Integer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/92074

PHP LibGD CVE-2016-3074 Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/87087Linux Kernel 'kvm/emulate.c' Local Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94615

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94591

Mozilla Firefox CVE-2016-5296 Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94339

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94335

Mozilla Firefox Multiple Security Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94336

IBM IMS Enterprise Suite Data Provider CVE-2016-2887 Unspecified Security Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94611

Red Hat CloudForms Management Engine CVE-2016-5402 Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94612

C-ares CVE-2016-5180 Out of Bounds Write Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93243

HP Network Automation CVE-2016-8511 Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94610

Symantec Norton App Lock CVE-2016-6591 Local Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94343

IBM BigFix Remote Control CVE-2016-2950 Unspecified SQL Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94607

IBM BigFix Remote Control CVE-2016-2949 Local Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94608

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93793

IBM iNotes and Domino CVE-2016-2939 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94605

IBM iNotes and Domino CVE-2016-5880 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94606

IBM iNotes and Domino CVE-2016-5882 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94604

IBM iNotes and Domino CVE-2016-6113 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94603

IBM iNotes and Domino CVE-2016-5884 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94602

IBM BigFix Remote Control CVE-2016-2951 Man in the Middle Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94601

IBM iNotes and Domino CVE-2016-2938 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94600

IBM BigFix Remote Control CVE-2016-2963 Cross Site Request Forgery Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94596

Multiple Lenovo Products CVE-2016-8224 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94595

Boa Webserver CVE-2016-9564 Stack Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94599

IBM BigFix Remote Control CVE-2016-2952 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94598

Lenovo System Interface Foundation CVE-2016-8223 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94597

Multiple I-O DATA DEVICE Products Buffer Overflow and Command Injection Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94594

HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94414

HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94411

HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94417

HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94416Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94591

Symantec Norton App Lock CVE-2016-6591 Local Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94343

IBM BigFix Remote Control CVE-2016-2950 Unspecified SQL Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94607

IBM BigFix Remote Control CVE-2016-2949 Local Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94608

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93793

IBM iNotes and Domino CVE-2016-2939 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94605

IBM iNotes and Domino CVE-2016-5880 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94606

IBM iNotes and Domino CVE-2016-5882 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94604

IBM iNotes and Domino CVE-2016-6113 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94603

IBM iNotes and Domino CVE-2016-5884 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94602

IBM BigFix Remote Control CVE-2016-2951 Man in the Middle Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94601

IBM iNotes and Domino CVE-2016-2938 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94600

IBM BigFix Remote Control CVE-2016-2963 Cross Site Request Forgery Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94596

Multiple Lenovo Products CVE-2016-8224 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94595

Boa Webserver CVE-2016-9564 Stack Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94599

IBM BigFix Remote Control CVE-2016-2952 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94598

Lenovo System Interface Foundation CVE-2016-8223 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94597

Multiple I-O DATA DEVICE Products Buffer Overflow and Command Injection Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94594

HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94414

HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94411

HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94417

HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94416

Exponent CMS CVE-2016-9481 SQL Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94590

Linux Kernel CVE-2016-9685 Multiple Local Denial of Service Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94593

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-12-01
http://www.securityfocus.com/bid/73684

OpenJPEG CVE-2016-9675 Incomplete Fix Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94589

Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94585
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/52379

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93150

Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94572

Apple macOS CVE-2016-7584 Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94571

iCloud Setup for Windows CVE-2016-7583 Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94570

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94569

Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94561

IBM BigFix Remote Control CVE-2016-2929 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94560

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-12-01
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-12-01
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-12-01
http://www.securityfocus.com/bid/93544

SANS News

 

Threatpost

Microsoft Silently Fixes Kernel Bug That Led to Chrome Sandbox Bypass

Gooligan Malware Breaches 1 Million Google Accounts

Exploit

Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow

Xfinity Gateway - Cross-Site Request Forgery

Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection

Joomla! Component Catalog 1.0.7 - SQL Injection

Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion

Xitami Web Server 5.0a0 - Denial of Service

30.11.2016

Bugtraq

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30
RedTeam Pentesting GmbH (release redteam-pentesting de)

XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)

Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

Trojan.Sponkirob

Phishing

noreply@amazon.com

30th November 2016

Important message please read

James B. Comey

29th November 2016

Executive Director FBI

Apple

29th November 2016

About your transaction
#5748573

IAPPIE.LD

29th November 2016

Account Suspended

Vulnerebility

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-11-30
http://www.securityfocus.com/bid/73684

Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94585

Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94587

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94335

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94583

IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94582

Xen XSA-201 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94581

Zurb Foundation tooltip Plugin 'foundation.tooltip.js' Cross Site Scripting Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94580

Neovim CVE-2016-1248 Command Execution Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94478

Multiple Micro Focus Products CVE-2016-5765 Directory Traversal Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94579

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93962

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93964

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93844

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93474

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93957

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93842

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93955

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93473

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93469

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92904

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92998

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93141Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94585

Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94587

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94335

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94583

IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94582

Xen XSA-201 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94581

Zurb Foundation tooltip Plugin 'foundation.tooltip.js' Cross Site Scripting Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94580

Neovim CVE-2016-1248 Command Execution Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94478

Multiple Micro Focus Products CVE-2016-5765 Directory Traversal Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94579

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93962

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93964

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93844

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93474

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93957

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93842

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93955

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93473

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93469

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92904

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92998

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93141

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93275Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94585

Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94587

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94335

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94583

IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94582

Xen XSA-201 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94581

Zurb Foundation tooltip Plugin 'foundation.tooltip.js' Cross Site Scripting Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94580

Neovim CVE-2016-1248 Command Execution Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94478

Multiple Micro Focus Products CVE-2016-5765 Directory Traversal Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94579

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93962

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93964

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93844

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93474

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93957

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93842

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93955

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93473

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93469

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92904

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92998

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93141

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93275

SANS News

Unpatched Vulnerability in Firefox used to Attack Tor Browser

Take Back Wednesday? SQL Slammer... still alive but barely kicking

Threatpost

New Mirai Variant Targets Routers, Knocks 900,000 Offline

NetWire RAT Back, Stealing Payment Card Data

New Cerber Variant Leverages Tor2Web Proxies, Google Redirects

Exploit

WinPower 4.9.0.4 - Privilege Escalation

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege...

29.11.2016

Bugtraq

XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)

Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)

Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx

WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)

Malware

Ransom.YeeScrLocker

Linux.Gafgyt.B

Phishing

IAPPIE.LD

29th November 2016

Account Suspended

Service Info

29th November 2016

UPDATE

noreply@amazon.com

29th November 2016

Important message please read

Vulnerebility

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/89760

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/89746

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93623

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93628

DBD::mysql CVE-2016-1251 Use After Free Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94573

Expat CVE-2016-0718 Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/90729

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91159

Mozilla Firefox and Thunderbird MFSA 2015-48 through -58 Multiple Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/74611

Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/75973

Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/52379

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93150

Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94572

Apple macOS CVE-2016-7584 Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94571

iCloud Setup for Windows CVE-2016-7583 Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94570

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94569

Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94561Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94572

Apple macOS CVE-2016-7584 Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94571

iCloud Setup for Windows CVE-2016-7583 Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94570

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94569

Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94561

IBM BigFix Remote Control CVE-2016-2929 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94560

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93037Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94561

IBM BigFix Remote Control CVE-2016-2929 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94560

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93037

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91704

SANS News

Port 7547 SOAP Remote Code Execution Attack Against DSL Modems

TR-069 NewNTPServer Exploits: What we know so far

Threatpost

PayPal Fixes OAuth Token Leaking Vulnerability

Exploit

Android - 'BadKernel' Remote Code Execution

Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type...

Microsoft Internet Explorer 10 MSHTML - 'CEdit≠Adorner::Detach' Use-After-Free ...

Microsoft Internet Explorer 11 MSHTML -...

Microsoft Internet Explorer 8 MSHTML - 'SRun≠Pointer::Span≠Qualifier/Run≠Type' Ou...

NTP 4.2.8p3 - Denial of Service

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege...

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege...

Red Hat JBoss EAP - Deserialization of Untrusted Data

Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting

28.11.2016

Bugtraq

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)

Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx

WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)

CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
Apache OpenOffice Security (orcmid apache org)

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

Malware

HackTool:Win32/AutoKMS!rfn

Phishing

 

Vulnerebility

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93037

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91704

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-11-28
http://www.securityfocus.com/bid/93326

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92549

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92214

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93541

Linux Kernel CVE-2016-9313 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94546

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94545

ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92127

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93598

ImageMagick CVE-2016-7906 Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93271

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93264

RedHat Jboss Fuse and Jboss A-MQ CVE-2016-8653 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94544Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93037

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91704

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-11-28
http://www.securityfocus.com/bid/93326

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92549

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92214

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93541

Linux Kernel CVE-2016-9313 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94546

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94545

ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92127

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93598

ImageMagick CVE-2016-7906 Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93271

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93264

RedHat Jboss Fuse and Jboss A-MQ CVE-2016-8653 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94544

International Components for Unicode CVE-2016-7415 Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93022

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94520

Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/77164

Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/75861

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94533
Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91704

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilites
2016-11-28
http://www.securityfocus.com/bid/93326

Linux Kernel CVE-2016-6327 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92549

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92214

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93541

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94545

ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92127

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93598

ImageMagick CVE-2016-7906 Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93271

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93264

RedHat Jboss Fuse and Jboss A-MQ CVE-2016-8653 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94544

International Components for Unicode CVE-2016-7415 Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93022

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94520

Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/77164

Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/75861

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-28
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94535IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-28
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-28
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94471

SANS News

Port 7547 SOAP Remote Code Execution Attack Against DSL Modems

Scapy vs. CozyDuke

Threatpost

 

Exploit

Disk Pulse Enterprise 9.1.16 - Buffer Overflow

Disk Savvy Enterprise 9.1.14 - Buffer Overflow

Dup Scout Enterprise 9.1.14 - Buffer Overflow

Disk Sorter Enterprise 9.1.12 - Buffer Overflow

Sync Breeze Enterprise 9.1.16 - Buffer Overflow

VX Search Enterprise 9.1.12 - Buffer Overflow

27.11.2016

Bugtraq

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

Malware

 

Phishing

Apple

27th November 2016

[Norton Anti]Please Review
Your Account Informations

Virgin Media

26th November 2016

AN UPDATE FROM VIRGIN MEDIA

Support

26th November 2016

[PAYPAL] PLEASE CONFIRM YOUR
INFORMATIONS

Vulnerebility

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-27
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-27
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94471
IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-26
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-26
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94471
IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Deference Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-26
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-26
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94471

SANS News

 

Threatpost

 

Exploit

Linux/x86 - Egg-hunter Shellcode (25 bytes)

Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)

25.11.2016

Bugtraq

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

WorldCIST'17 - Submission deadline: November 27 2016-11-24
ML (marialemos72 gmail com)

Malware

 

Phishing

Apple

25th November 2016

Your Apple ID was used to sign
in to iMessage on an iPhone 6.

info

24th November 2016

PAYPAL - VERIFICATION REQUIRED

Tesco Credit Card Services

23rd November 2016

Your Account

NatWest

23rd November 2016

New online login
authentication procedures

Vulnerebility

2016-11-25
http://www.securityfocus.com/bid/93885

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-25
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94471

Xen CVE-2016-9382 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94470

Xen CVE-2016-9383 Memory Corruption Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94474

Xen CVE-2016-9385 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94472

Xen CVE-2016-9381 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94476

Xen PyGrub Multiple Privilege Escalation Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94473

phpMyAdmin CVE-2016-4412 Open Redirection Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94519

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94499

IBM FileNet Workplace CVE-2016-5981 Unspecified Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94517

IBM Jazz Foundation CVE-2016-2947 Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94518

IBM Tealeaf Customer Experience Server Side Request Forgery Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94516

IBM Sterling Connect:Direct CVE-2016-5991 Local Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94515
Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94471

Xen CVE-2016-9382 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94470

Xen CVE-2016-9383 Memory Corruption Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94474

Xen CVE-2016-9385 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94472

Xen CVE-2016-9381 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94476

Xen PyGrub Multiple Privilege Escalation Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94473

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94499

IBM FileNet Workplace CVE-2016-5981 Unspecified Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94517

IBM Jazz Foundation CVE-2016-2947 Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94518

IBM Tealeaf Customer Experience Server Side Request Forgery Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94516

IBM Sterling Connect:Direct CVE-2016-5991 Local Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94515

IBM Sterling Connect:Direct CVE-2016-5992 Local Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94514

Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94513

Sivann ITDB 'examples_support/editable_ajax.php' Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94511

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93965

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93842

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93957

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93474

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93956

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93964

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93955

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93844

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93962

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/92904

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93141

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93473

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93275Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94513

Sivann ITDB 'examples_support/editable_ajax.php' Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94511

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93965

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93842

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93957

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93474

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93956

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93964

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93955

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93844

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93962

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/92904

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93141

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93473

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93275

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93469

Less Compiler Arbitrary Code Execution Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94512

Huawei NEM CVE-2016-8775 Local Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94506

BigTree CMS 'redraw-field.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94510

BigTree CMS 'check-module-integrity.php' Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94508

Multiple Huawei Products CVE-2016-8774 Local Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94503

Huawei FusionStorage CVE-2016-8803 Local Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94507

TomatoCart 'step_5.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94505

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93814

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94504

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94067

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/91159

SANS News

Extracting Shellcode From JavaScript

Free Software Quick Security Checklist

Threatpost

 

Exploit

Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation...

Remote Utilities Host 6.3 - Denial of Service

24.11.2016

Bugtraq

[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310) 2016-11-24
gerhard klostermeier syss de

[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks 2016-11-24
matthias deeg syss de

[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307) 2016-11-24
gerhard klostermeier syss de

[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks 2016-11-24
gerhard klostermeier syss de

[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24
Dawid Golunski (dawid legalhackers com)

Malware

TrojanDownloader:JS/Nemucod  
JS/Nemucod  
Ransom:Win32/Locky.A
 

Trojan.Ismdoor

Ransom.OzozaLocker

Phishing

info

24th November 2016

PAYPAL - VERIFICATION REQUIRED

Tesco Credit Card Services

23rd November 2016

Your Account

Vulnerebility

BigTree CMS 'check-module-integrity.php' Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94508

Multiple Huawei Products CVE-2016-8774 Local Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94503

Huawei FusionStorage CVE-2016-8803 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94507

TomatoCart 'step_5.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94505

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93814

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94504

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94067

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91159

Linux Kernel 'usbhid/hiddev.c' Local Heap Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91450

Linux Kernel CVE-2016-7117 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93304

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93793

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92552

CakePHP Multiple Security Bypass Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94502

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/73684

MoinMoin 'action/fckdialog.py' Cross-Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94501

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/58796

IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability
2016-11-24
http://www.securityfocus.com/bid/33065

Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93942

Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93944

Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93943

libTIFF CVE-2016-5320 Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91195

LibTIFF 'NeXTDecode()' Function Out of Bounds Write Memory Corruption Vulnerability
2016-11-24
http://www.securityfocus.com/bid/81696

Linux Kernel 'ip_tunnel.c' Local Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94500

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94499

w3m Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94464

Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94295

LXC CVE-2016-8649 Directory Traversal Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94498

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94259

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93643

Wordpress csv2wpec-coupon Plugin CVE-2015-1000013 Arbitrary File Upload Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94497Linux Kernel 'usbhid/hiddev.c' Local Heap Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91450

Linux Kernel CVE-2016-7117 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93304

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93793

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92552

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/73684

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/58796

IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability
2016-11-24
http://www.securityfocus.com/bid/33065

Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93942

Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93944

Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93943

libTIFF CVE-2016-5320 Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91195

LibTIFF 'NeXTDecode()' Function Out of Bounds Write Memory Corruption Vulnerability
2016-11-24
http://www.securityfocus.com/bid/81696

Linux Kernel 'ip_tunnel.c' Local Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94500

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94499

w3m Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94464

Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94295

LXC CVE-2016-8649 Directory Traversal Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94498

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94259

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93643

Wordpress csv2wpec-coupon Plugin CVE-2015-1000013 Arbitrary File Upload Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94497

WordPress mypixs Plugin CVE-2015-1000012 Local File Include Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94495

Ipswitch WhatsUp Gold CVE-2016-1000000 SQL Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94496

Multiple Samsung Galaxy Product CVE-2016-9567 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94494

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93623

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93621

libdwarf CVE-2016-9558 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94491OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89757

Palo Alto Networks PAN-OS CVE-2016-9151 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94400

GNU Bash CVE-2016-9401 Local Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94398

Multiple IBM Products CVE-2015-2017 HTTP Response Splitting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/78457

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91812

Linux-PAM '_unix_run_helper_binary()' Function Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/75428

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/76317

OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/75525

'pam_userdb' Module CVE-2013-7041 Password Hashes Security Weakness
2016-11-24
http://www.securityfocus.com/bid/64180

Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91918

IBM Tivoli Storage Manager CVE-2016-0371 Local Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94148

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91818

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94381

OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/83763

OpenSSL CVE-2016-0705 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/83754

OpenSSL CVE-2016-0798 Memory Leak Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/83705

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89746

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89744

MyBB Versions Prior To 1.8.8 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94396

MyBB Prior to 1.8.6 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94397

MyBB Prior to 1.8.7 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94395

Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94295

Multiple Android Products CVE-2016-6564 Man in the Middle Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94393

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94394

Multiple Siemens IP CCTV Cameras CVE-2016-9155 Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94392

IBM Sterling B2B Integrator CVE-2016-5890 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94391

IBM Kenexa LCMS Premier on Cloud CVE-2016-5948 Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94388

IBM Sterling B2B Integrator CVE-2016-3057 Unspecified Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94389

IBM Kenexa LCMS Premier on Cloud CVE-2016-5937 Cross Site Request Forgery Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94390Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94295

LXC CVE-2016-8649 Directory Traversal Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94498

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94259

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93643

Wordpress csv2wpec-coupon Plugin CVE-2015-1000013 Arbitrary File Upload Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94497

WordPress mypixs Plugin CVE-2015-1000012 Local File Include Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94495

Ipswitch WhatsUp Gold CVE-2016-1000000 SQL Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94496

Multiple Samsung Galaxy Product CVE-2016-9567 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94494

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93623

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93621

libdwarf CVE-2016-9558 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94491

ImageMagick CVE-2016-9556 Heap Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94492

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92984

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91081

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94370

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92628

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94488

JasPer 'jas_image.c' Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94490

ImageMagick CVE-2016-9559 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94489

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/69258

TestDisk 'Check_OS2MB()' Method Stack Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/74410

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/92987

SANS News

 

Threatpost

 

Exploit

UCanCode - Multiple Vulnerabilities

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow

Windows x64 - Download & Execute Shellcode (358 bytes)

GNU Wget < 1.18 - Access List Bypass / Race Condition

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation...

23.11.2016

Bugtraq

CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details 2016-11-23
Berend-Jan Wever (berendj nwever nl)

[SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de

[SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de

[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)

CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)

Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
Andrea Barisani (andrea inversepath com)

[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)

Malware

Ransom.PrincessLocker

W32.Disttrack.B

Phishing

NatWest

23rd November 2016

New online login
authentication procedures

Apple Support

21st November 2016

Apple Account

USAA

19th November 2016

MY SUBJECT

Vulnerebility

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/65400

Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/64947

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91818

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91453

dotCMS Multiple SQL Injection Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94311

ImageMagick ' MagickCore/fx.c' Heap Buffer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94310

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94309

Jenkins 'Java Deserialization' Remote Code Execution Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94281

IBM Security Privileged Identity Manager Brute Force Authentication Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94308

pycsw CVE-2016-8640 SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94302

IBM Kenexa LMS on Cloud CVE-2016-6123 Unspecified Cross-Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94305

IBM Kenexa LMS on Cloud CVE-2016-6124 Arbitrary File Upload Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94306

IBM Connections CVE-2016-2957 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94300

IBM Kenexa LMS on Cloud CVE-2016-8913 Directory Traversal Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94304

BigTree CMS SQL Injection and Cross Site Scripting Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94299

Exponent CMS SQL Injection Vulnerability and Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94296

IBM Kenexa LMS on Cloud CVE-2016-8920 Unspecified Cross-Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94303

IBM Kenexa LMS on Cloud CVE-2016-6126 Directory Traversal Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94301

TYPO3 TC Directmail Extension Open Redirection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94291

MuJS CVE-2016-9294 Null Pointer Deference Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94293

Git for Windows CVE-2016-9274 Unspecified Untrusted Search Path vulnerability
2016-11-23
http://www.securityfocus.com/bid/94289

p7zip Null Pointer Dereference CVE-2016-9296 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94294

Samsung Mobile Phones SystemUI CVE-2016-9277 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94292

TYPO3 Secure Download Form Extension Unspecified Cross Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94288

TYPO3 Member Infosheets Extension SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94290

Multiple Huawei Products CVE-2016-8773 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94285

Samsung Mobile Phones Information Disclosure and Denial of Service Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94283

TYPO3 Code Highlighter Extension Multiple Security Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94287

TYPO3 Shibboleth Authentication Extension Unspecified SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94286

libdwarf Multiple Heap Based Buffer Overflow Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94284OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93972

Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93967

Moodle CVE-2016-7919 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93971

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91319

SAP Hybris Management Console CVE-2016-6858 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93966

Joomla! Core CVE-2016-9081 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93969

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Escalation Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93958

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93964

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93914

HP System Management Homepage Multiple Security Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/93961

SAP Hybris Management Console CVE-2016-6857 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93960

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93965

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91821

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91816

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/89744

PHP 'snmp.c' Remote Format String Vulnerability
2016-11-23
http://www.securityfocus.com/bid/85800

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91818

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93956

SAP Hybris CVE-2016-6859 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93959

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93962

SAP Hybris Management Console CVE-2016-6856 Cross Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93954

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93957

PHP 'php_raw_url_encode()' Function Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/85801

PHP 'ext/phar/phar_object.c' Heap Buffer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/89154

PHP CVE-2016-4539 Remote Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/90174

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/90173

SANS News

Mapping Attack Methodology to Controls

Threatpost

Microsoft Cutting Off SHA-1 Support in February for Edge, IE 11

InPage Zero Day Used in Attacks Against Banks

Uber Portal Leaked Names, Phone Numbers, Email Addresses, Unique Identifiers

Exploit

Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation

Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak

Linux Kernel 2.6.18 - 'move_pages()' Information Leak

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow (PoC)

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)

Crestron AM-100 - Multiple Vulnerabilities

SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution

AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting

Microsoft Internet Explorer 8 MSHTML - 'Ptls5::Ls≠Find≠Span≠Visual≠Boundaries' Mem...

TP-LINK TDDP - Multiple Vulnerabilities

22.11.2016

Bugtraq

[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)

CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)

Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
Andrea Barisani (andrea inversepath com)

[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)

[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21
ERPScan inc (erpscan online gmail com)

Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
Dawid Golunski (dawid legalhackers com)

[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting 2016-11-20
Julien Ahrens (info rcesecurity com)

[RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure 2016-11-20
Julien Ahrens (info rcesecurity com)

Malware

 

Phishing

 

Vulnerebility

IBM Business Process Manager Advanced and WebSphere Process Server Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/85089

IBM Mashups Center CVE-2015-7400 XML External Entity Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/77986

IBM Mashups CVE-2015-7407 Cross Site Request Forgery Vulnerability
2016-11-22
http://www.securityfocus.com/bid/78455

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/82237

Cryptsetup CVE-2016-4484 Multiple Local Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94315

OpenSSL CVE-2016-0701 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/82233

OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/83763

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93628

mongodb-clients CVE-2016-6494 Local Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92204

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91453

Multiple IBM DB2 Products CVE-2016-5995 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93012

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91319

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92557

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92630

XStream CVE-2016-3674 XML External Entity Multiple Information Disclosure Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/85381

Perl CVE-2016-1238 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92136

Perl CVE-2015-8853 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/86707

Perl 'perl.c' CVE-2016-2381 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/83802

Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94461

Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94462

w3m Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94464

w3m Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94407

Multiple Siemens Products Cross Site Request Forgery and Information Disclosure Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94460

Google Chrome Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94196

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93153

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91812

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93150

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94064

LibTIFF 'tools/tiffcrop.c' Multiple Heap Buffer Overflow Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94424

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7413 Use After Free Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93006

PHP 'ext/spl/spl_array.c' Remote Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93007

PHP CVE-2016-7131 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92768

PHP 'ext/standard/var_unserializer.c' Memory Corruption Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93009

PHP 'ext/exif/exif.c' Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92564

PHP CVE-2016-7132 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92767

PHP 'ext/gd/gd.c' Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92757

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92764

PHP 'wddx_deserialize()' Function Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92758

PHP 'ext/gd/gd.c' Heap Based Buffer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92755

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92552

PHP '__wakeup()' Function Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92756

Mozilla Firefox Mul