Hot News Database


- Hot News Database 2017 -

Last updated: 08.10.2016 14:19:38


2017


30.12.2017

Bugtraq

 

Malware

Trojan.Zezin

Phishing

 

Vulnerability

LibTIFF CVE-2017-17942 Heap Based Buffer Overflow Vulnerability
2017-12-28
http://www.securityfocus.com/bid/102312

Wireshark 'epan/wslua/wslua_file.c' Denial of Service Vulnerability
2017-12-27
http://www.securityfocus.com/bid/102311

Red Hat CloudForms CVE-2017-15125 HTML Injection Vulnerability
2017-12-27
http://www.securityfocus.com/bid/102287

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-25
http://www.securityfocus.com/bid/101796

SANS News

2017, The Flood of CVEs

Threatpost

Leaky RootsWeb Server Exposes Some Ancestry.com User Data

Mozilla Patches Critical Bug in Thunderbird

Exploit

NetTransport 2.96L - Buffer Overflow (DEP Bypass)

27.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

SANS News

What are your Security Challenges for 2018?

Threatpost

Mozilla Patches Critical Bug in Thunderbird

Exploit

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection

Sendroid < 6.5.0 - SQL Injection

Biometric Shift Employee Management System 3.0 - Local File Disclosure

Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection

GetGo Download Manager 5.3.0.2712 - Buffer Overflow

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure

Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery

Easy!Appointments 1.2.1 - Cross-Site Scripting

Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure

Sony Playstation 4 4.05 FW - Local Kernel Loader

ALLMediaServer 0.95 - Buffer Overflow

26.12.2017

Bugtraq

 

Malware

Win32/Prosiak.AC

Win32/Sedkom.AA

Phishing

 

Vulnerability

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-25
http://www.securityfocus.com/bid/101796

Apple iOS/tvOS/MacOS/watchOS Multiple Security Vulnerabilities
2017-12-25
http://www.securityfocus.com/bid/93054

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-25
http://www.securityfocus.com/bid/102115

Linux Kernel CVE-2017-16996 Local Memory Corruption Vulnerability
2017-12-22
http://www.securityfocus.com/bid/102267

SANS News

Dealing with obfuscated RTF files

Threatpost

 

Exploit

COMTREND ADSL Router CT-5367 - Remote Code Execution

Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation

GetGo Download Manager 5.3.0.2712 - Buffer Overflow

25.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-25
http://www.securityfocus.com/bid/102115

Mozilla Thunderbird Prior to 52.5.2 Multiple Security Vulnerabilities
2017-12-22
http://www.securityfocus.com/bid/102258

Moxa NPort W2150A and W2250A CVE-2017-16727 Unauthorized Access Vulnerability
2017-12-21
http://www.securityfocus.com/bid/102254

SANS News

Encrypted PDFs

PDF documents & URLs: update

Threatpost

Huawei Router Vulnerability Used to Spread Mirai Variant

Nissan Canada Finance Notifies 1.1 Million of Data Breach

Exploit

 

22.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Moxa NPort W2150A and W2250A CVE-2017-16727 Unauthorized Access Vulnerability
2017-12-21
http://www.securityfocus.com/bid/102254

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-20
http://www.securityfocus.com/bid/101274

Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096

SANS News

I'm All Up in Your Blockchain, Pilfering Your Wallets

Threatpost

Google Play Boots 3 Fake Bitcoin Wallet Apps

Nissan Canada Finance Notifies 1.1 Million of Data Breach

Exploit

Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote...

21.12.2017

Bugtraq

 

Malware

Ransom.HC7

Phishing

 

Vulnerability

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-20
http://www.securityfocus.com/bid/101274

Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096

NetGain Systems Enterprise Manager CVE-2017-16607 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102219

Trend Micro Mobile Security Information Disclosure and Denial of Service Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102216

IBM RPA with Automation Anywhere CVE-2017-1751 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102217

IBM Business Process Manager CVE-2017-1494 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102218

IBM Integration Bus CVE-2017-1694 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102215

Linksys WVBR0-25 CVE-2017-17411 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102212

VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214

DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213

IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211

Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207

EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210

Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208

ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192

SANS News

 

Threatpost

CHM Help Files Deliver Brazilian Banking Trojan

Exploit

Samsung Internet Browser - SOP Bypass (Metasploit)

BEIMS ContractorWeb 5.18.0.0 - SQL Injection

Ability Mail Server 3.3.2 - Cross-Site Scripting

Conarc iChannel - Improper Access Restrictions

20.12.2017

Bugtraq

 

Malware

Android.Anubisspy

Phishing

 

Vulnerability

Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096

NetGain Systems Enterprise Manager CVE-2017-16607 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102219

Trend Micro Mobile Security Information Disclosure and Denial of Service Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102216

IBM RPA with Automation Anywhere CVE-2017-1751 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102217

IBM Business Process Manager CVE-2017-1494 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102218

IBM Integration Bus CVE-2017-1694 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102215

Linksys WVBR0-25 CVE-2017-17411 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102212

VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214

DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213

IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211

Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207

EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210

Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208

ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102190

SANS News

Guest Diary (Etay Nir) Kernel Hooking Basics

Threatpost

U.S. Government Blames North Korea for WannaCry

User ‘Gross Negligence’ Leaves Hundreds of Lexmark Printers Open to Attack

Exploit

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)'...

19.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214

DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213

IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211

Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207

EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210

Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208

ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102182

F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102121

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102073

SANS News

Example of 'MouseOver' Link in a Powerpoint File

Threatpost

Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

Exploit

Intel Content Protection HECI Service - Type Confusion Privilege Escalation

Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read

Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable

Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow

Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local...

Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free

GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)

Jenkins - XStream Groovy classpath Deserialization (Metasploit)

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)

Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection

BrightSign Digital Signage - Multiple Vulnerabilities

18.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-18
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102134

SANS News

Phish or scam? - Part 2

Threatpost

 

Exploit

Joomla! Component My Projects 2.0 - SQL Injection

Joomla! Component User Bench 1.0 - 'userid' SQL Injection

Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow

Zoom Linux Client 2.0.106600.0904 - Command Injection

CDex 1.96 - Buffer Overflow

Joomla! Component Guru Pro - 'promocode' SQL Injection

Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution

Outlook for Android - Attachment Download Directory Traversal

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)

17.12.2017

Bugtraq

APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13
Asterisk Security Team (security asterisk org)

Malware

 

Phishing

 

Vulnerability

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-16
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102134

SANS News

Microsoft Office VBA Macro Obfuscation via Metadata

Phish or scam? - Part 1

Threatpost

 

Exploit

Movie Guide 2.0 - SQL Injection

ITGuard-Manager 0.0.0.1 - Remote Code Execution

15.12.2017

Bugtraq

APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13
Asterisk Security Team (security asterisk org)

APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524 2017-12-14
tim kretschmann pallas com

APPLE-SA-2017-12-13-5 Safari 11.0.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12
Michael Gilbert (mgilbert debian org)

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

Malware

 

Phishing

 

Vulnerability

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-15
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102134

SANS News

Detection Lab: Visibility & Introspection for Defenders

Threatpost

Triton Malware Targets Industrial Control Systems in Middle East

Synaptics Says Claims of a Keylogger in HP Laptops are False

19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

Exploit

Palo Alto Networks Firewalls - Remote root Code Execution

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)

Dup Scout Enterprise - Login Buffer Overflow (Metasploit)

Microsoft Office - DDE Payload Delivery (Metasploit)

Movie Guide 2.0 - SQL Injection

ITGuard-Manager 0.0.0.1 - Remote Code Execution

Sync Breeze 10.2.12 - Denial of Service

14.12.2017

Bugtraq

[SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12
Michael Gilbert (mgilbert debian org)

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

[SECURITY] [DSA 4062-1] firefox-esr security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

Malware

Exp.CVE-2017-11886

Trojan.Trisis

Exp.CVE-2017-11890

Exp.CVE-2017-11889

Exp.CVE-2017-11893

Exp.CVE-2017-11894

Exp.CVE-2017-11895

Exp.CVE-2017-11901

Exp.CVE-2017-11907

Exp.CVE-2017-11913

Phishing

 

Vulnerability

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-14
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102134

Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2017-12-14
http://www.securityfocus.com/bid/102175

Multiple Citrix Products CVE-2017-17549 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102177

wolfSSL CVE-2017-13099 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102174

Multiple Huawei Products CVE-2017-2700 Denial of Service Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102166

Fortinet FortiClient CVE-2017-7344 Privilege Escalation Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102176

Multiple Citrix Products CVE-2017-17382 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102173

Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102172

Symantec Norton Family for Android CVE-2017-15529 Local Denial of Service Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102119

Symantec Norton Family for Android CVE-2017-15530 Local Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102120

Xen 'Hypervisor' Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102169

SANS News

Security Planner: Improve your online safety

Threatpost

Permissions Flaw Found Azure AD Connect

Microsoft December Patch Tuesday Update Fixes 34 Bugs

Exploit

Microsoft Office - DDE Payload Delivery (Metasploit)

Palo Alto Networks Firewalls - Remote root Code Execution

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)

Dup Scout Enterprise - Login Buffer Overflow (Metasploit)

glibc ld.so - Memory Leak / Buffer Overflow

Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow...

Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection

Bus Booking Script 1.0 - 'txtname' SQL Injection

FS Lynda Clone 1.0 - SQL Injection

Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection

Readymade Video Sharing Script 3.2 - HTML Injection

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read

Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection

13.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2017-12-13
http://www.securityfocus.com/bid/102175

Multiple Citrix Products CVE-2017-17549 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102177

wolfSSL CVE-2017-13099 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102174

Multiple Huawei Products CVE-2017-2700 Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102166

Fortinet FortiClient CVE-2017-7344 Privilege Escalation Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102176

Multiple Citrix Products CVE-2017-17382 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102173

Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102172

Symantec Norton Family for Android CVE-2017-15529 Local Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102119

Symantec Norton Family for Android CVE-2017-15530 Local Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102120

Xen 'Hypervisor' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102169

VMware AirWatch Console Module CVE-2017-4942 Access Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102171

Multiple Cisco Products CVE-2017-17428 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102170

Cisco NX-OS System Software CVE-2017-12336 Local Unauthorized Access Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102168

GraphicsMagick CVE-2017-17500 Heap-Based Buffer Overflow Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102164

Xen '/mm/hap/hap.c' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102167

MatrixSSL Multiple Information Disclosure Vulnerabilities
2017-12-13
http://www.securityfocus.com/bid/91488

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
2017-12-13
http://www.securityfocus.com/bid/56071

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/101901

Cisco NX-OS System Software CVE-2017-12335 Local Command Injection Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102165

IBM MQ CVE-2017-1433 Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102163

Cisco NX-OS System Software CVE-2017-12334 Local Command Injection Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102162

Cisco NX-OS System Software CVE-2017-12333 Local Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102161

Cisco NX-OS System Software CVE-2017-12332 Arbitrary File Write Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102160

Cisco NX-OS System Software CVE-2017-12331 Local Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102159

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-13
http://www.securityfocus.com/bid/101274

Microsoft Windows RPC CVE-2017-11885 Remote Code Execution Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102055

GraphicsMagick CVE-2017-17498 Heap-Based Buffer Overflow Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102158

Microsoft Internet Explorer CVE-2017-11886 Remote Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102062

Microsoft Windows Device Guard CVE-2017-11899 Remote Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102077

Microsoft Internet Explorer CVE-2017-11887 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102063

SANS News

Tracking Newly Registered Domains

Threatpost

New Spider Ransomware Comes With 96-Hour Deadline

Exploit

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

glibc ld.so - Memory Leak / Buffer Overflow

macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option...

macOS - Kernel Code Execution due to Lack of Bounds Checking in...

macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime...

Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in...

12.12.2017

Bugtraq

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

[SECURITY] [DSA 4062-1] firefox-esr security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4060-1] wireshark security update 2017-12-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4061-1] thunderbird security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

[slackware-security] openssl (SSA:2017-342-01) 2017-12-09
Slackware Security Team (security slackware com)

FreeBSD Security Advisory FreeBSD-SA-17:12.openssl 2017-12-09
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 4059-1] libxcursor security update 2017-12-08
Salvatore Bonaccorso (carnil debian org)

CISTI'2018 -- Doctoral Symposium -- Call for contributions 2017-12-08
ML (marialemos72 gmail com)

Malware

 

Phishing

From The Google Foundation

12th December 2017

From The Google Foundation

Vulnerability

SAP Netweaver CVE-2017-16682 Remote Code Injection Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102143

SAP NOTE Unspecified Security Vulnerability
2017-12-12
http://www.securityfocus.com/bid/101822

SAP Business Intelligence Promotion Management CVE-2017-16681 Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102142

SAP Kernel CVE-2017-16689 Authentication Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102144

SAP HANA CVE-2017-16680 Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102138

Adobe Reader and Acrobat Out-of-bounds Read Multiple Remote Code Execution Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102140

Linux Kernel 'security/keys/keyctl.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102135

ACDSee Ultimate CVE-2017-2886 Remote Code Execution Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102133

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102131

Citrix XenServer Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102129

Drupal Cloud Module Cross Site Request Forgery Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102132

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102134

Google Android Media Framework Components Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102126

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-12
http://www.securityfocus.com/bid/101274

Jenkins CVE-2017-17383 Multiple HTML Injection Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102130

Linux Kernel CVE-2017-15121 Local Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102128

Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102127

LibTIFF CVE-2017-17095 Heap Based Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102124

Xiongmai IP Camera Module and DVR CVE-2017-16725 Stack Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102125

Fortinet FortiClient CVE-2017-14184 Local Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102123

CODESYS Runtime 'plclinux_rt' Multiple Authentication Bypass Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102113

Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102122

F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102121

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102104

SANS News

 

Threatpost

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

Exploit

macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory...

iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG...

macOS - 'getrusage' Stack Leak Through struct Padding

macOS - 'necp_get_socket_attributes' so_pcb Type Confusion

MikroTik 6.40.5 ICMP - Denial of Service

LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow

Vanguard 1.4 - SQL Injection

Vanguard 1.4 - Arbitrary File Upload

Basic Job Site Script 2.0.5 - SQL Injection

Resume Clone Script 2.0.5 - SQL Injection

Advanced World Database 2.0.5 - SQL Injection

Muslim Matrimonial Script 3.02 - 'succid' SQL Injection

Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection

11.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Jenkins CVE-2017-17383 Multiple HTML Injection Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102130

Linux Kernel CVE-2017-15121 Local Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102128

Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102127

LibTIFF CVE-2017-17095 Heap Based Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102124

Xiongmai IP Camera Module and DVR CVE-2017-16725 Stack Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102125

Fortinet FortiClient CVE-2017-14184 Local Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102123

CODESYS Runtime 'plclinux_rt' Multiple Authentication Bypass Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102113

Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102122

F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-11

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102071

SANS News

Pornographic malspam pushes coin miner malware

Threatpost

 

Exploit

MikroTik 6.40.5 ICMP - Denial of Service

MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection

Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection

Advanced Real Estate Script 4.0.7 - SQL Injection

Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection

Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection

Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection

Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection

10.12.2017

Bugtraq

[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)

Malware

 

Phishing

 

Vulnerability

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102071

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102071

SANS News

Sometimes it's a dud

Using Our API To Adjust iptables Rules

Threatpost

Apple Fixes Flaw Impacting HomeKit Devices

Android Flaw Poisons Signed Apps with Malicious Code

Exploit

Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection

Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection

Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection

Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)

Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation

FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection

FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection

FS Quibids Clone 1.0 - SQL Injection

FS Shutterstock Clone 1.0 - 'keywords' SQL Injection

FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection

FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection

Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection

8.12.2017

Bugtraq

[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

Malware

Linux.Satori

Phishing

App Store

7th December 2017

APPLE PURCHASE SUCCESSFULLY
PAYMENT CONFIRMATION SPOTIFY
PREMIUM

Vulnerability

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102071

Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102072

Cisco NX-OS System Software CVE-2017-12340 Local Unauthorized Access Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102069

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102048

SANS News

 

Threatpost

Banking Apps Found Vulnerable to MITM Attacks

TeamViewer Rushes Fix for Permissions Bug

Exploit

Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection

Simple Chatting System 1.0.0 - Arbitrary File Upload

DomainSale PHP Script 1.0 - 'id' SQL Injection

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)

Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

LaCie 5big Network 2.2.8 - Command Injection

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting

FS Facebook Clone - 'token' SQL Injection

7.12.2017

Bugtraq

 

Malware

Win32/KillAV.NTD

Trojan.Bankice

Phishing

 

Vulnerability

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102083

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102070

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102071

Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102072

Cisco NX-OS System Software CVE-2017-12340 Local Unauthorized Access Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102069

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102048

Amazon Audible CVE-2017-17069 DLL Loading Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102044

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/101964

Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102041

IBM Sterling B2B Integrator CVE-2017-1481 Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102043

IBM WebSphere MQ CVE-2017-1341 Unauthorized Access Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102042

Apache Qpid Broker CVE-2017-15702 Security Weakness
2017-12-07
http://www.securityfocus.com/bid/102040

SAP NOTE Unspecified Security Vulnerability
2017-12-07
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102029

IBM Sterling File Gateway CVE-2017-1549 Cross Site Scripting Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102037

IBM Sterling File Gateway CVE-2017-1487 Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102036

SANS News

Apple Updates Everything. Again.

Threatpost

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

Exploit

Linux Kernel - DCCP Socket Use-After-Free

Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting

FS Facebook Clone - 'token' SQL Injection

FS IMDB Clone - 'id' SQL Injection

6.12.2017

Bugtraq

 

Malware

Exp.CVE-2017-16408

Trojan.Finsev

Phishing

 

Vulnerability

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102048

Amazon Audible CVE-2017-17069 DLL Loading Local Privilege Escalation Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102044

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/101964

Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102041

IBM Sterling B2B Integrator CVE-2017-1481 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102043

IBM WebSphere MQ CVE-2017-1341 Unauthorized Access Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102042

Apache Qpid Broker CVE-2017-15702 Security Weakness
2017-12-06
http://www.securityfocus.com/bid/102040

SAP NOTE Unspecified Security Vulnerability
2017-12-06
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102029

IBM Sterling File Gateway CVE-2017-1549 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102037

IBM Sterling File Gateway CVE-2017-1487 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102036

IBM Sterling B2B Integrator CVE-2017-1482 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102035

IBM Atlas eDiscovery Process Management CVE-2017-1356 Unspecified SQL Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102033

IBM Security Guardium CVE-2017-1271 Security Bypass Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102034

IBM Atlas eDiscovery Process Management CVE-2017-1355 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102016

Linux Kernel CVE-2017-1000405 Local Race Condition Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102032

Geovap Reliance SCADA CVE-2017-16721 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102031

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102023

Linux Kernel CVE-2017-16533 Local Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102026

SANS News

PSA: Do not Trust Reverse DNS (and why does an address resolve to "localhost").

Threatpost

Developers Targeted in ‘ParseDroid’ PoC Attack

Exploit

FS Shaadi Clone - 'token' SQL Injection

WinduCMS 3.1 - Local File Disclosure

FS Makemytrip Clone - 'id' SQL Injection

Readymade Classifieds Script 1.0 - SQL Injection

Techno Portfolio Management Panel - 'id' SQL Injection

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Proxifier for Mac 2.19 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation

Sera 1.2 - Local Privilege Escalation / Password Disclosure

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.3 - Local Privilege Escalation

5.12.2017

Bugtraq

 

Malware

 

Phishing

service@paypal.com

5th December 2017

YOU RECEIPT SENT A PAYMENT TO
CLEVERBRIDGE, INC

Microsoft

4th December 2017

You are about to leave the
panel

Vulnerability

SAP NOTE Unspecified Security Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102029

IBM Sterling B2B Integrator CVE-2017-1482 Cross Site Scripting Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102035

IBM Atlas eDiscovery Process Management CVE-2017-1356 Unspecified SQL Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102033

IBM Security Guardium CVE-2017-1271 Security Bypass Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102034

IBM Atlas eDiscovery Process Management CVE-2017-1355 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102016

Linux Kernel CVE-2017-1000405 Local Race Condition Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102032

Geovap Reliance SCADA CVE-2017-16721 Cross Site Scripting Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102031

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102023

Linux Kernel CVE-2017-16533 Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102026

Linux Kernel 'drivers/usb/serial/console.c' Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102028

Multiple Cisco Nexus Series Switches CVE-2017-12342 Local Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102027

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/93604

Linux Kernel CVE-2017-16531 Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102025

Linux Kernel 'drivers/usb/core/config.c' Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102022

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/99623

Apache Struts CVE-2017-15707 Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102021

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101666

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-05
http://www.securityfocus.com/bid/100515

IBM Jazz Team Server CVE-2017-1570 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102020

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102010

SANS News

IR using the Hive Project.

Threatpost

Google Cracks Down On Nosy Android Apps

Exploit

VX Search 10.2.14 - 'command_name' Buffer Overflow

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Techno Portfolio Management Panel - 'id' SQL Injection

Readymade Classifieds Script 1.0 - SQL Injection

4.12.2017

Bugtraq

 

Malware

 

Phishing

Bank of America

4th December 2017

New Message from Boa

Vulnerability

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability
2017-12-04
http://www.securityfocus.com/bid/93604

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102024

Linux Kernel CVE-2017-16531 Local Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102025

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102023

Linux Kernel 'drivers/usb/core/config.c' Local Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102022

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-12-04
http://www.securityfocus.com/bid/99623

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101666

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/100515

IBM Jazz Team Server CVE-2017-1570 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102020

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-04
http://www.securityfocus.com/bid/101993

SANS News

 

Threatpost

 

Exploit

 

3.12.2017

Bugtraq

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)

Malware

 

Phishing

 

Vulnerability

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-03
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101992

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-02
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101992

SANS News

Using Bad Material for the Good

StartSSL: Termination of Services is Now Scheduled

Threatpost

Cisco Patches Critical Playback Bugs in WebEx Players

RAT Distributed Via Google Drive Targets East Asia

Exploit

Artica Web Proxy 3.06 - Remote Code Execution

MistServer 2.12 - Cross-Site Scripting

Jobs2Careers / Coroflot Clone - SQL Injection

Abyss Web Server < 2.11.6 - Heap Memory Corruption

1.12.2017

Bugtraq

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)

Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)

Malware

 

Phishing

Regions online

1st December 2017

Regions Access Alert.

offer on behalf of Survey Rew

29th November 2017

Consumer News: Get an [Amazon] Gift Card!

Navy Federal Credit Union

28th November 2017

You have (1) new Security message

Chase Bank

27th November 2017

Secure Message

Vulnerability

Fortinet Fortiweb CVE-2017-7736 HTML Injection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101916

TYPO3 T3Blog Extbase Extension Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101913

Cisco ASA Next-Generation Firewall Services CVE-2017-12299 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101915

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-01
http://www.securityfocus.com/bid/101274

Cisco Spark Board CVE-2017-12306 Local Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101914

Magento Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101912

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101911

Moodle CVE-2017-15110 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101909

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101796

Samba CVE-2017-15275 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101908

Infinispan 'hotrod java' Client Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101910

Samba CVE-2017-14746 Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101907

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101906

IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101905

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101904

Multiple VMware Products CVE-2017-4934 Local Heap Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101903

Multiple VMware Products Out of Bounds Write Local Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101902

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101901

OpenSAML CVE-2017-16853 Multiple Security Bypass Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101898

IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101900

Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101897

Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101896

Amazon Key CVE-2017-16867 Security Weakness
2017-12-01
http://www.securityfocus.com/bid/101899

Symantec Management Console CVE-2017-15527 Directory Traversal Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101743

Multiple VMware Products Out of Bounds Read Multiple Local Arbitrary Code Execution Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101892

Node.js ejs Package 'ejs.renderFile()' function Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101893

IBM WebSphere Commerce CVE-2017-1484 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101894

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101895

VMware NSX Edge CVE-2017-4929 Cross site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101891

Intel Unite App CVE-2017-5738 Privilege Escalation Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101888

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-01
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101992

Cisco Jabber CVE-2017-12356 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101990

Apple macOS CVE-2017-13872 Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101981

Cisco IOS XR Software CVE-2017-12355 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101989

Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101988

Cisco Meeting Server CVE-2017-12362 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101987

Cisco Secure Access Control System CVE-2017-12354 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101986

Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101985

Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101984

PowerDNS Authoritative Server Module Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101982

OpenEMR CVE-2017-16540 Remote Privilege Escalation Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101983

EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101980

Multiple EMC RSA products CVE-2017-14378 Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101979

Ethicon Endo-Surgery Generator G11 CVE-2017-14018 Local Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101978

Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101977

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101974

SANS News

Phishing Kit (Ab)Using Cloud Services

Threatpost

RAT Distributed Via Google Drive Targets East Asia

Exploit

HP iMC Plat 7.2 - Remote Code Execution (2)

HP iMC Plat 7.2 - Remote Code Execution

Jobs2Careers / Coroflot Clone - SQL Injection

WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal

30.11.2017

Bugtraq

Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)

Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29
Matthew Hart (mhart atlassian com)

[SECURITY] [DSA 4050-1] xen security update 2017-11-28
Moritz Muehlenhoff (jmm debian org)

Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23
Vulnerability Lab (research vulnerability-lab com)

Malware

MSIL/Filecoder.Fantom.A

Win32/Agent.YJF

Win32/Filecoder.Fantom.A

Win32/KillWin.NCI

Win32/Patpoopy.D

Phishing

 

Vulnerability

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-11-30
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101832

Apple macOS CVE-2017-13872 Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101981

Cisco IOS XR Software CVE-2017-12355 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101989

Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101988

Cisco Meeting Server CVE-2017-12362 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101987

Cisco Secure Access Control System CVE-2017-12354 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101986

Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101985

Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101984

PowerDNS Authoritative Server Module Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101982

OpenEMR CVE-2017-16540 Remote Privilege Escalation Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101983

EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101980

Multiple EMC RSA products CVE-2017-14378 Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101979

Ethicon Endo-Surgery Generator G11 CVE-2017-14018 Local Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101978

Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101977

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101974

Polycom HDX Endpoints Remote Code Execution Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101973

Cloud Foundry cf-deployment CVE-2017-14390 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101972

Red Hat OpenStack Platform CVE-2017-15114 Privilege Escalation Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101971

Multiple Cloud Foundry Products CVE-2017-8031 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101967

OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78622

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/82237

OpenSSL CVE-2015-3193 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78705

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78623

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78626

Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101969

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101757

McAfee Network Security Manager CVE-2016-8029 Remote Authorization Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101970

Multiple TP-Link Routers CVE-2017-16957 Command Injection Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101968

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90864

SANS News

More Malspam pushing Emotet malware

Threatpost

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

Exploit

macOS High Sierra - Root Privilege Escalation (Metasploit)

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page

QEMU - NBD Server Long Export Name Stack Buffer Overflow

29.11.2017

Bugtraq

 

Malware

Exp.CVE-2017-16415

Exp.CVE-2017-16392

Exp.CVE-2017-16375

Exp.CVE-2017-16389

Exp.CVE-2017-16390

Exp.CVE-2017-16373

RANSOM_CRYPTOQKG.A

Phishing

 

Vulnerability

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101974

Polycom HDX Endpoints Remote Code Execution Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101973

Cloud Foundry cf-deployment CVE-2017-14390 Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/101972

Red Hat OpenStack Platform CVE-2017-15114 Privilege Escalation Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101971

Multiple Cloud Foundry Products CVE-2017-8031 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101967

OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78622

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/82237

OpenSSL CVE-2015-3193 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78705

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78623

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78626

Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101969

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101757

McAfee Network Security Manager CVE-2016-8029 Remote Authorization Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101970

Multiple TP-Link Routers CVE-2017-16957 Command Injection Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101968

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90864

Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/90691

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2017-11-29
http://www.securityfocus.com/bid/89854

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94455

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94453

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/84992

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94242

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2017-11-29
http://www.securityfocus.com/bid/93793

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/95814

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/93171

SANS News

Apple High Sierra Uses a Passwordless Root Account

Fileless Malicious PowerShell Sample

Threatpost

Leaky AWS Storage Bucket Spills Military Secrets, Again

Google Detects and Boots Tizi Spyware Off Google Play

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

Exploit

Synology StorageManager 5.2 - Remote Root Command Execution

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

pfSense - Authenticated Group Member RCE (Metasploit)

Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD'...

28.11.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90864

Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/90691

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/89854

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94455

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94453

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/84992

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94242

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93793

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/95814

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92628

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/91319

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/76317

MOXA EDS-G512E CVE-2017-13701 Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101966

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101964

Huawei UMA CVE-2017-8122 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101961

Huawei Smart Phones CVE-2017-8205 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101963

Huawei Smart Phones CVE-2017-8204 Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101962

Multiple HP Products CVE-2017-2750 DLL Signature Validation Remote Code Execution Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101965

Samba CVE-2017-9461 Remote Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/99455

Huawei Smart Phones CVE-2017-8203 Remote Code Execution Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101960

Huawei Smart Phones CVE-2017-8202 Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101959

TYPO3 restler Component Arbitrary File Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101958

Drupal Custom Permissions Module DRUPAL-SA-CONTRIB-2017-083 Access Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101957

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/101949

SANS News

 

Threatpost

Imgur Confirms 2014 Breach of 1.7 Million User Accounts

Newly Published Exploit Code Used to Spread Mirai Variant

HP to Patch Bug Impacting 50 Enterprise Printer Models

Exploit

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

ZTE ZXDSL 831CII - Improper Access Restrictions

Diving Log 6.0 - XML External Entity Injection

27.11.2017

Bugtraq

 

Malware

Exp.CVE-2017-16393

Phishing

 

Vulnerability

Huawei Smart Phones CVE-2017-8202 Buffer Overflow Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101959

TYPO3 restler Component Arbitrary File Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101958

Drupal Custom Permissions Module DRUPAL-SA-CONTRIB-2017-083 Access Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101957

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101931

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101832

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101854

Cisco Unified Communications Manager CVE-2017-12302 SQL Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101853

Philips IntelliSpace Cardiovascular and Xcelera CVE-2017-14111 Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101850

Oracle Tuxedo CVE-2017-10266 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101852

Vir.IT Explorer Anti-Virus CVE-2017-16237 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101851

Drupal Permissions by Term Module Access Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101833

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-27
http://www.securityfocus.com/bid/101274

CA Identity Governance CVE-2017-9394 HTML Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101849

Linux Kernel 'drivers/media/usb/dvb-usb/dib0700_devices.c' Local Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101846

SAP ERP Multiple Unspecified Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101848

Debian Postgresql-common CVE-2017-8806 Multiple Insecure Temporary File Handling Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101810

SAP HANA Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101847

SAP Landscape Management Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101845

Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101844

SAP GUI for HTML Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/100788

Adobe Experience Manager CVE-2017-3111 Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101843

Linux Kernel 'drivers/media/usb/hdpvr/hdpvr-core.c' Local Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101842

Microsoft Edge Scripting Engine CVE-2017-11841 Remote Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101733

Oracle Tuxedo CVE-2017-10269 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101841

Oracle Fusion Middleware CVE-2017-10151 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101619

Microsoft Edge Scripting Engine CVE-2017-11862 Remote Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101724

Adobe Digital Editions APSB17-39 Multiple Information Disclosure Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101839

SAP Composite Application Framework Authorization Tool XML External Entity Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/97576

Adobe InDesign CVE-2017-11302 Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101840

Adobe Experience Manager CVE-2017-3109 Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101834

SANS News

9 Fast and Easy Ways To Lose Your Crypto Coins

Threatpost

 

Exploit

Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion

Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the...

Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly

Exim 4.89 - 'BDAT' Denial of Service

25.11.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/10192

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101928

SANS News

Exim Remote Code Exploit

Benefits associated with the use of Open Source Software

Threatpost

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Exploit

Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure

ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)

24.11.2017

Bugtraq

Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)

CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)

Malware

 

Phishing

service

23rd November 2017

Warning : Unusual activities on your PayPal account

service

23rd November 2017

[Support Inc] : Your paypal account has benn limited!

Natwest

23rd November 2017

Security Update

btinternet

23rd November 2017

Your btinternet account settings are out of date.

Vulnerability

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101928

Jenkins Delivery Pipeline Plugin CVE-2017-1000404 Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101927

Intel Trusted Execution Engine CVE-2017-5710 Multiple Local Privilege Escalation Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101922

OpenStack Swauth CVE-2017-16613 Authentication Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101926

Intel Manageability Engine CVE-2017-5712 Remote Buffer Overflow Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101920

EMC RSA Authentication Manager CVE-2017-14379 HTML Injection Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101925

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101552

FFmpeg CVE-2017-16840 Multiple Denial of Service Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101924

QEMU 'hw/input/ps2.c' Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101923

Intel Trusted Execution Engine CVE-2017-5707 Multiple Local Buffer Overflow Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101919

SANS News

 

Threatpost

 

Exploit

 

23.11.2017

Bugtraq

[SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)

CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)

Malware

Exp.CVE-2017-11882

Win32/Agent.NDM

Exp.CVE-2017-16383

Exp.CVE-2017-16381

Exp.CVE-2017-16384

Phishing

btinternet

23rd November 2017

Your btinternet account settings are out of date.

Vulnerability

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101928

Jenkins Delivery Pipeline Plugin CVE-2017-1000404 Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101927

Intel Trusted Execution Engine CVE-2017-5710 Multiple Local Privilege Escalation Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101922

OpenStack Swauth CVE-2017-16613 Authentication Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101926

Intel Manageability Engine CVE-2017-5712 Remote Buffer Overflow Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101920

EMC RSA Authentication Manager CVE-2017-14379 HTML Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101925

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101552

FFmpeg CVE-2017-16840 Multiple Denial of Service Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101924

QEMU 'hw/input/ps2.c' Information Disclosure Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101923

Intel Trusted Execution Engine CVE-2017-5707 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101919

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101906

Intel Manageability Engine CVE-2017-5711 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101918

Intel Manageability Engine CVE-2017-5705 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101917

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2017-11-23
http://www.securityfocus.com/bid/36935

Fortinet Fortiweb CVE-2017-7736 HTML Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101916

TYPO3 T3Blog Extbase Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101913

Cisco ASA Next-Generation Firewall Services CVE-2017-12299 Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101915

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-23
http://www.securityfocus.com/bid/101274

Cisco Spark Board CVE-2017-12306 Local Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101914

Magento Multiple Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101912

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101911

SANS News

Proactive Malicious Domain Search

Threatpost

HP to Patch Bug Impacting 50 Enterprise Printer Models

Exploit

WebKit - 'WebCore::FormSubmission::create' Use-After-Free

WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free

WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free

WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free

WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read

WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read

WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read

22.11.2017

Bugtraq

[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)

CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)

[security bulletin] HPESBHF03798 rev.1 - HPE Proliant Gen10 Servers, DL20 Gen9, ML30 Gen9 and Certain Apollo Servers Using Intel Server Platform Service (SPS) v4.0, Local Denial of Service and Execution of Arbitrary Code 2017-11-21
security-alert hpe com

Secunia Research: Oracle Outside In Denial of Service Vulnerability 2017-11-21
Secunia Research (remove-vuln secunia com)

[SECURITY] [DSA 4044-1] swauth security update 2017-11-21
Yves-Alexis Perez (corsac debian org)

CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS) 2017-11-21
Advisories (advisories compass-security com)

FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat [REVISED] 2017-11-21
FreeBSD Security Advisories (security-advisories freebsd org)

[CVE-2017-15044] DocuWare FullText Search - Incorrect Access Control vulnerability 2017-11-20
Graham Leggett (minfrin sharp fm)

Malware

MSH.Pushbank

Win32/TrojanDownloader.Tovkater.HB

Win32/Tapaoux.O

Android.Doublehidden

Phishing

 

Vulnerability

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101928

Jenkins Delivery Pipeline Plugin CVE-2017-1000404 Cross Site Scripting Vulnerability

Intel Trusted Execution Engine CVE-2017-5710 Multiple Local Privilege Escalation Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101922

OpenStack Swauth CVE-2017-16613 Authentication Bypass Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101926

Intel Manageability Engine CVE-2017-5712 Remote Buffer Overflow Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101920

EMC RSA Authentication Manager CVE-2017-14379 HTML Injection Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101925

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101552

FFmpeg CVE-2017-16840 Multiple Denial of Service Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101924

QEMU 'hw/input/ps2.c' Information Disclosure Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101923

Intel Trusted Execution Engine CVE-2017-5707 Multiple Local Buffer Overflow Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101919

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101906

Intel Manageability Engine CVE-2017-5711 Multiple Local Buffer Overflow Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101918

Intel Manageability Engine CVE-2017-5705 Multiple Local Buffer Overflow Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101917

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2017-11-22
http://www.securityfocus.com/bid/36935

Fortinet Fortiweb CVE-2017-7736 HTML Injection Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101916

TYPO3 T3Blog Extbase Extension Cross Site Scripting Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101913

Cisco ASA Next-Generation Firewall Services CVE-2017-12299 Remote Security Bypass Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101915

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-22
http://www.securityfocus.com/bid/101274

Cisco Spark Board CVE-2017-12306 Local Security Bypass Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101914

Magento Multiple Security Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101912

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101911

Moodle CVE-2017-15110 Information Disclosure Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101909

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101796

Samba CVE-2017-15275 Information Disclosure Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101908

Infinispan 'hotrod java' Client Remote Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101910

Samba CVE-2017-14746 Arbitrary Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101907

IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101905

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101904

Multiple VMware Products CVE-2017-4934 Local Heap Buffer Overflow Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101903

Multiple VMware Products Out of Bounds Write Local Arbitrary Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101902

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101901

OpenSAML CVE-2017-16853 Multiple Security Bypass Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101898

IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101900

Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101897

Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101896

Amazon Key CVE-2017-16867 Security Weakness
2017-11-22
http://www.securityfocus.com/bid/101899

Symantec Management Console CVE-2017-15527 Directory Traversal Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101743

Multiple VMware Products Out of Bounds Read Multiple Local Arbitrary Code Execution Vulnerabilities
2017-11-22
http://www.securityfocus.com/bid/101892

Node.js ejs Package 'ejs.renderFile()' function Denial of Service Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101893

IBM WebSphere Commerce CVE-2017-1484 Information Disclosure Vulnerability
2017-11-22
http://www.securityfocus.com/bid/101894

SANS News

 

Threatpost

Uber Reveals 2016 Breach of 57 Million User Accounts

Intel Patches CPU Bugs Impacting Millions of PCs, Servers

Exploit

Vonage VDV-23 - Denial of Service

Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool...

21.11.2017

Bugtraq

[CVE-2017-15044] DocuWare FullText Search - Incorrect Access Control vulnerability 2017-11-20
Graham Leggett (minfrin sharp fm)

[security bulletin] HPESBMU03794 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com

[security bulletin] HPESBMU03795 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com

Malware

JS.Kraacha

Android.Fakeyouwon

Phishing

 

Vulnerability

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-21
http://www.securityfocus.com/bid/101274

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101911

Moodle CVE-2017-15110 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101909

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101796

Samba CVE-2017-15275 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101908

Infinispan 'hotrod java' Client Remote Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101910

Samba CVE-2017-14746 Arbitrary Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101907

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101906

IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101905

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101904

Multiple VMware Products CVE-2017-4934 Local Heap Buffer Overflow Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101903

Multiple VMware Products Out of Bounds Write Local Arbitrary Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101902

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101901

OpenSAML CVE-2017-16853 Multiple Security Bypass Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101898

IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101900

Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101897

Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101896

Amazon Key CVE-2017-16867 Security Weakness
2017-11-21
http://www.securityfocus.com/bid/101899

Symantec Management Console CVE-2017-15527 Directory Traversal Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101743

Multiple VMware Products Out of Bounds Read Multiple Local Arbitrary Code Execution Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101892

Node.js ejs Package 'ejs.renderFile()' function Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101893

IBM WebSphere Commerce CVE-2017-1484 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101894

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101895

VMware NSX Edge CVE-2017-4929 Cross site Scripting Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101891

Intel Unite App CVE-2017-5738 Privilege Escalation Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101888

VMware Workstation DLL Loading CVE-2017-4939 Local Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101890

Node.js ejs Package 'ejs.renderFile()' function Cross Site Scripting Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101889

Varnish Cache CVE-2017-8807 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101886

Multiple VMware Products CVE-2017-4938 Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101887

Multiple Moxa NPort Products Multiple Denial of Service and Information Disclosure Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101885

Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101874

Multiple Siemens SICAM RTU Products Multiple Security Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101884

HP Insight Control CVE-2017-8969 Multiple Unspecified Input Validation Security Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101883

Node.js CVE-2017-14919 Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101881

Libav CVE-2017-16803 Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101882

Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101878

IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101880

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101832

Cisco Umbrella Insights Virtual Appliance CVE-2017-12350 Local Privilege Escalation Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101879

Linux kernel CVE-2017-15115 Local Denial of Service Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101877

Multiple TIBCO Products CVE-2014-2542 Multiple HTML Injection Vulnerabilities
2017-11-21
http://www.securityfocus.com/bid/101873

Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
2017-11-21
http://www.securityfocus.com/bid/101876

SANS News

Internet Wide Ethereum JSON-RPC Scans

Threatpost

US-CERT Warns of ASLR Implementation Flaw In Windows

CENTCOM Says Massive Data Cache Found on Leaky Server is Benign

Exploit

Microsoft Office - OLE Remote Code Execution

Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass

Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool...

20.11.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101874

Multiple Siemens SICAM RTU Products Multiple Security Vulnerabilities
2017-11-20
http://www.securityfocus.com/bid/101884

HP Insight Control CVE-2017-8969 Multiple Unspecified Input Validation Security Vulnerabilities
2017-11-20
http://www.securityfocus.com/bid/101883

Node.js CVE-2017-14919 Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101881

Libav CVE-2017-16803 Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101882

Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101878

IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101880

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-20
http://www.securityfocus.com/bid/101832

Cisco Umbrella Insights Virtual Appliance CVE-2017-12350 Local Privilege Escalation Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101879

Linux kernel CVE-2017-15115 Local Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101877

Multiple TIBCO Products CVE-2014-2542 Multiple HTML Injection Vulnerabilities
2017-11-20
http://www.securityfocus.com/bid/101873

Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101876

Oracle Tuxedo CVE-2017-10267 Remote Security Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101875

Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101872

Oracle Tuxedo CVE-2017-10278 Remote Security Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101870

Oracle Tuxedo CVE-2017-10272 Remote Security Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101871

Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101868

Cisco IP Phone 8800 Series CVE-2017-12305 Local Command Injection Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101869

Cisco IOS and IOS XE Software CVE-2017-12304 Cross Site Scripting Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101856

Zeta Components Mail CVE-2017-15806 Arbitrary Code Execution Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101866

Cisco Voice OS CVE-2017-12337 Unauthorized Access Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101865

FreeBSD CVE-2017-1087 Local Privilege Escalation Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101867

Apache CXF CVE-2017-12624 Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101859

Cisco Firepower System Software CVE-2017-12300 Remote Security Bypass Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101862

Cisco HyperFlex System CVE-2017-12315 Local Information Disclosure Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101864

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101757

FreeBSD CVE-2017-1086 Local Information Disclosure Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101861

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-20
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-20
http://www.securityfocus.com/bid/101855

SANS News

One month later, Magniber ransomware is still out there

Threatpost

 

Exploit

iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service

Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass

18.11.2017

Bugtraq

 

Malware

Android.Rootnik.B

Phishing

on behalf of PayPal

18th November 2017

Receipt number:
1544-7345-9265-7756

Vulnerability

Node.js CVE-2017-14919 Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101881

Libav CVE-2017-16803 Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101882

Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101878

IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101880

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-19
http://www.securityfocus.com/bid/101832

Cisco Umbrella Insights Virtual Appliance CVE-2017-12350 Local Privilege Escalation Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101879

Linux kernel CVE-2017-15115 Local Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101877

Multiple TIBCO Products CVE-2014-2542 Multiple HTML Injection Vulnerabilities
2017-11-19
http://www.securityfocus.com/bid/101873

Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101876

Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101874

Oracle Tuxedo CVE-2017-10267 Remote Security Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101875

Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101872

Oracle Tuxedo CVE-2017-10278 Remote Security Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101870

Oracle Tuxedo CVE-2017-10272 Remote Security Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101871

Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101868

Cisco IP Phone 8800 Series CVE-2017-12305 Local Command Injection Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101869

Cisco IOS and IOS XE Software CVE-2017-12304 Cross Site Scripting Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101856

Zeta Components Mail CVE-2017-15806 Arbitrary Code Execution Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101866

Cisco Voice OS CVE-2017-12337 Unauthorized Access Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101865

FreeBSD CVE-2017-1087 Local Privilege Escalation Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101867

Apache CXF CVE-2017-12624 Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101859

Cisco Firepower System Software CVE-2017-12300 Remote Security Bypass Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101862

Cisco HyperFlex System CVE-2017-12315 Local Information Disclosure Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101864

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101757

FreeBSD CVE-2017-1086 Local Information Disclosure Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101861

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-19
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-19
http://www.securityfocus.com/bid/101854

Node.js CVE-2017-14919 Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101881

Libav CVE-2017-16803 Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101882

Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101878

IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101880

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-18
http://www.securityfocus.com/bid/101832

Cisco Umbrella Insights Virtual Appliance CVE-2017-12350 Local Privilege Escalation Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101879

Linux kernel CVE-2017-15115 Local Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101877

Multiple TIBCO Products CVE-2014-2542 Multiple HTML Injection Vulnerabilities
2017-11-18
http://www.securityfocus.com/bid/101873

Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101876

Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101874

Oracle Tuxedo CVE-2017-10267 Remote Security Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101875

Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101872

Oracle Tuxedo CVE-2017-10278 Remote Security Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101870

Oracle Tuxedo CVE-2017-10272 Remote Security Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101871

Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101868

Cisco IP Phone 8800 Series CVE-2017-12305 Local Command Injection Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101869

Cisco IOS and IOS XE Software CVE-2017-12304 Cross Site Scripting Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101856

Zeta Components Mail CVE-2017-15806 Arbitrary Code Execution Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101866

Cisco Voice OS CVE-2017-12337 Unauthorized Access Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101865

FreeBSD CVE-2017-1087 Local Privilege Escalation Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101867

Apache CXF CVE-2017-12624 Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101859

Cisco Firepower System Software CVE-2017-12300 Remote Security Bypass Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101862

Cisco HyperFlex System CVE-2017-12315 Local Information Disclosure Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101864

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101757

FreeBSD CVE-2017-1086 Local Information Disclosure Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101861

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-18
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-18
http://www.securityfocus.com/bid/101854

SANS News

BTC Pickpockets

Threatpost

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Amazon Promises Fix to Stop Key Service Hack

Exploit

VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)

17.11.2017

Bugtraq

[security bulletin] HPESBMU03794 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com

[security bulletin] HPESBMU03795 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities 2017-11-16
security-alert hpe com

[SECURITY] [DSA 4037-1] jackson-databind security update 2017-11-16
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4039-1] opensaml2 security update 2017-11-16
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPESBHF03705 rev.4 - HPE Integrated Lights-Out 4, 3, 2 and Moonshot Remote Console Administrator (iLO 4 and MRCA) Remote Disclosure of Information 2017-11-15
security-alert hpe com

Malware

Exp.CVE-2017-16396
Exp.CVE-2017-16410

Phishing

 

Vulnerability

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-17
http://www.securityfocus.com/bid/101832

Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101876

Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101874

Oracle Tuxedo CVE-2017-10267 Remote Security Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101875

Apache Karaf CVE-2014-0219 Local Denial of Service Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101872

Oracle Tuxedo CVE-2017-10278 Remote Security Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101870

Oracle Tuxedo CVE-2017-10272 Remote Security Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101871

Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101868

Cisco IP Phone 8800 Series CVE-2017-12305 Local Command Injection Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101869

Cisco IOS and IOS XE Software CVE-2017-12304 Cross Site Scripting Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101856

Zeta Components Mail CVE-2017-15806 Arbitrary Code Execution Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101866

Cisco Voice OS CVE-2017-12337 Unauthorized Access Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101865

FreeBSD CVE-2017-1087 Local Privilege Escalation Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101867

Apache CXF CVE-2017-12624 Denial of Service Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101859

Cisco Firepower System Software CVE-2017-12300 Remote Security Bypass Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101862

Cisco HyperFlex System CVE-2017-12315 Local Information Disclosure Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101864

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101757

FreeBSD CVE-2017-1086 Local Information Disclosure Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101861

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-17
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101854

Cisco Unified Communications Manager CVE-2017-12302 SQL Injection Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101853

Philips IntelliSpace Cardiovascular and Xcelera CVE-2017-14111 Information Disclosure Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101850

Oracle Tuxedo CVE-2017-10266 Remote Security Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101852

Vir.IT Explorer Anti-Virus CVE-2017-16237 Local Privilege Escalation Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101851

Drupal Permissions by Term Module Access Bypass Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101833

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-17
http://www.securityfocus.com/bid/101274

CA Identity Governance CVE-2017-9394 HTML Injection Vulnerability
2017-11-17
http://www.securityfocus.com/bid/101849

SANS News

Top-100 Malicious IP STIX Feed

Threatpost

Oracle Issues Emergency Patches for ‘JoltandBleed’ Vulnerabilities

White House Releases VEP Disclosure Rules

Exploit

Zeta Components Mail 1.8.1 - Remote Code Execution

Vonage VDV23 - Cross-Site Scripting

VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)

16.11.2017

Bugtraq

CA20171114-01: Security Notice for CA Identity Governance 2017-11-14
Kotas, Kevin J (Kevin Kotas ca com)

[SECURITY] [DSA 4033-1] konversation security update 2017-11-13
Salvatore Bonaccorso (carnil debian org)

[CVE-2017-15288] A privilege escalation vulnerability in the Scala compilation daemon 2017-11-13
jason zaugg lightbend com

Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 (hyp3rlinx) 2017-11-13
apparitionsec gmail com

[SECURITY] [DSA 4032-1] imagemagick security update 2017-11-12
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4031-1] ruby2.3 security update 2017-11-11
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

PaypaI-Support

15th November 2017

YOUR ACCOUNT HAS BEEN IIMITED UNTII WE HEAR FROM YOU (CASE ID #PP-003-498-237-832)

Vulnerability

Cisco IOS and IOS XE Software CVE-2017-12304 Cross Site Scripting Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101856

Zeta Components Mail CVE-2017-15806 Arbitrary Code Execution Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101866

Cisco Voice OS CVE-2017-12337 Unauthorized Access Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101865

FreeBSD CVE-2017-1087 Local Privilege Escalation Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101867

Apache CXF CVE-2017-12624 Denial of Service Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101859

Cisco Firepower System Software CVE-2017-12300 Remote Security Bypass Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101862

Cisco HyperFlex System CVE-2017-12315 Local Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101864

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101757

FreeBSD CVE-2017-1086 Local Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101861

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-16
http://www.securityfocus.com/bid/101832

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-16
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101854

Cisco Unified Communications Manager CVE-2017-12302 SQL Injection Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101853

Philips IntelliSpace Cardiovascular and Xcelera CVE-2017-14111 Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101850

Oracle Tuxedo CVE-2017-10266 Remote Security Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101852

Vir.IT Explorer Anti-Virus CVE-2017-16237 Local Privilege Escalation Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101851

Drupal Permissions by Term Module Access Bypass Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101833

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-16
http://www.securityfocus.com/bid/101274

CA Identity Governance CVE-2017-9394 HTML Injection Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101849

Linux Kernel 'drivers/media/usb/dvb-usb/dib0700_devices.c' Local Denial of Service Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101846

SAP ERP Multiple Unspecified Security Vulnerabilities
2017-11-16
http://www.securityfocus.com/bid/101848

Debian Postgresql-common CVE-2017-8806 Multiple Insecure Temporary File Handling Vulnerabilities
2017-11-16
http://www.securityfocus.com/bid/101810

SAP HANA Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101847

SAP Landscape Management Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101845

Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101844

SAP GUI for HTML Cross Site Scripting Vulnerability
2017-11-16
http://www.securityfocus.com/bid/100788

Adobe Experience Manager CVE-2017-3111 Information Disclosure Vulnerability
2017-11-16
http://www.securityfocus.com/bid/101843

SANS News

Suspicious Domains Tracking Dashboard

Threatpost

Cisco Warns of Critical Flaw in Voice OS-based Products

Exploit

Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion

Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check

Microsoft Edge Chakra JIT - Type Confusion with switch Statements

Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption

D-Link DIR605L - Denial of Service

Vonage VDV23 - Cross-Site Scripting

LanSweeper 6.0.100.75 - Cross-Site Scripting

TP-Link TL-WR740N - Cross-Site Scripting

15.11.2017

Bugtraq

[SECURITY] [DSA 4033-1] konversation security update 2017-11-13
Salvatore Bonaccorso (carnil debian org)

[CVE-2017-15288] A privilege escalation vulnerability in the Scala compilation daemon 2017-11-13
jason zaugg lightbend com

Malware

 

Phishing

BMO

14th November 2017

Action: Changes made in your Internet Banking Profile

western union

13th November 2017

Invitation: Contacting Western Union email..(westernunion1087@gmail.com)call (+229-68 99 38 19) @ Wednesday,

Vulnerability

Debian Postgresql-common CVE-2017-8806 Multiple Insecure Temporary File Handling Vulnerabilities
2017-11-15
http://www.securityfocus.com/bid/101810

SAP HANA Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101847

SAP Landscape Management Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101845

Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101844

SAP GUI for HTML Cross Site Scripting Vulnerability
2017-11-15
http://www.securityfocus.com/bid/100788

Adobe Experience Manager CVE-2017-3111 Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101843

Linux Kernel 'drivers/media/usb/hdpvr/hdpvr-core.c' Local Denial of Service Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101842

Microsoft Edge Scripting Engine CVE-2017-11841 Remote Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101733

Oracle Tuxedo CVE-2017-10269 Remote Security Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101841

Oracle Fusion Middleware CVE-2017-10151 Remote Security Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101619

Microsoft Edge Scripting Engine CVE-2017-11862 Remote Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101724

Adobe Digital Editions APSB17-39 Multiple Information Disclosure Vulnerabilities
2017-11-15
http://www.securityfocus.com/bid/101839

SAP Composite Application Framework Authorization Tool XML External Entity Injection Vulnerability
2017-11-15
http://www.securityfocus.com/bid/97576

Adobe InDesign CVE-2017-11302 Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101840

Adobe Experience Manager CVE-2017-3109 Cross Site Scripting Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101834

Adobe Connect Multiple Security Vulnerabilities
2017-11-15
http://www.securityfocus.com/bid/101838

Adobe Flash Player APSB17-33 Multiple Remote Code Execution Vulnerabilities
2017-11-15
http://www.securityfocus.com/bid/101837

Adobe Acrobat and Reader APSB17-36 Multiple Remote Code Execution Vulnerabilities
2017-11-15
http://www.securityfocus.com/bid/101831

Microsoft Office CVE-2017-11876 Cross Site Request Forgery Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101754

Microsoft Windows GDI Component CVE-2017-11852 Local Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101739

SAP NetWeaver Knowledge Management XMLForms Unspecified Cross Site Scripting Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101826

Microsoft Windows Graphics Component CVE-2017-11850 Local Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101738

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101757

Microsoft ASP.NET Core CVE-2017-8700 Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101712

Microsoft Windows CVE-2017-11835 Information Disclosure Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101736

Microsoft Excel CVE-2017-11878 Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101756

Microsoft ASP.NET Core CVE-2017-11883 Denial of Service Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101835

Adobe Shockwave Player CVE-2017-11294 Unspecified Memory Corruption Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101836

Microsoft ASP.NET Core CVE-2017-11879 Open Redirection Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101713

Microsoft Excel CVE-2017-11877 Security Bypass Vulnerability
2017-11-15
http://www.securityfocus.com/bid/101747

SANS News

If you want something done right, do it yourself!

Threatpost

Apple iPhone X Face ID Fooled by a Mask


Phishing Biggest Threat to Google Account Security

New IcedID Trojan Targets US Banks

Exploit

Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow

D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit)

Ulterius Server < 1.9.5.0 - Directory Traversal

Kirby CMS < 2.5.7 - Cross-Site Scripting

PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free

14.11.2017

Bugtraq

Symantec Endpoint Protection (SEP) v12.1 Tamper-protection Bypass CVE-2017-6331 (hyp3rlinx) 2017-11-13
apparitionsec gmail com

[SECURITY] [DSA 4032-1] imagemagick security update 2017-11-12
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4031-1] ruby2.3 security update 2017-11-11
Salvatore Bonaccorso (carnil debian org)

Bypassable authentication in SingTel / Aztech DSL8900GR(AC) router 2017-11-11
cort accelerateworkshop com

[SECURITY] [DSA 4006-2] mupdf security update 2017-11-10
Luciano Bello (luciano debian org)

Malware

 

Phishing

 

Vulnerability

SWFTools 'swfbits.c' Remote Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101797

TYPO3 CAB FAL Search Extension Cross Site Scripting Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101799

ManageEngine ServiceDesk CVE-2017-11512 Arbitrary File Download Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101789

PHPUnit CVE-2017-9841 Arbitrary Code Execution Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101798

GraphicsMagick CVE-2017-16669 Heap Buffer Overflow Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101795

Symantec Endpoint Encryption CVE-2017-15526 Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101698

Symantec Endpoint Encryption CVE-2017-15525 Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101697

FRRouting CVE-2017-15865 Information Disclosure Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101794

HP Content Manager Workgroup Service CVE-2017-14360 Unspecified Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101792

Joomla! Kunena Extension CVE-2017-5673 Multiple Cross Site Scripting Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101677

Linux Kernel 'drivers/net/usb/qmi_wwan.c' Local Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101791

Roundcube Webmail CVE-2017-16651 Information Disclosure Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101793

Linux Kernel CVE-2017-15102 Local Privilege Escalation Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101790

Hola VPN CVE-2017-16757 Local Privilege Escalation Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101787

ManageEngine ServiceDesk CVE-2017-11511 Arbitrary File Download Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101788

VMware vCenter Server CRLF Injection and Server Side Request Forgery Security Bypass Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101785

VMware vCenter Server CVE-2017-4927 Denial of Service Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101786

Authconfig CVE-2017-7488 Information Disclosure Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101784

Linux Kernel CVE-2016-10200 Multiple Privilege Escalation Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101783

Linux Kernel 'tty/tty_ldsem.c' Local Race Condition Vulnerability
2017-11-14
http://www.securityfocus.com/bid/74820

PostgreSQL Multiple Memory Corruption and Security Bypass Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101781

Multiple AutomationDirect Products CVE-2017-1402 DLL Loading Local Code Execution Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101780

NetApp OnCommand Unified Manager Core Package CVE-2017-11461 Clickjacking Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101778

Multiple Schneider Electric Products CVE-2017-14024 Unspecified Stack Buffer Overflow Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101779

Bolt CVE-2017-16754 Multiple Access Bypass Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101777

NetApp Clustered Data ONTAP CVE-2017-5201 Incomplete Fix Information Disclosure Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101776

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101775

Google Android Qualcomm Components Multiple Security Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101774

Jenkins Multiple Security Vulnerabilities
2017-11-14
http://www.securityfocus.com/bid/101773

Multiple IBM Products CVE-2017-1710 Remote Privilege Escalation Vulnerability
2017-11-14
http://www.securityfocus.com/bid/101770

SANS News

VBE Embeded Script (info.zip)

Threatpost

Phishing Biggest Threat to Google Account Security

New IcedID Trojan Targets US Banks

Exploit

Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload

IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation

Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC)

13.11.2017

Bugtraq

 

Malware

Win32/NukeSped.AA

Win32/Delf.TUA

Trojan.Reaver

Phishing

western union

13th November 2017

Invitation: Contacting Western Union email..(westernunion1087@gmail.com)call (+229-68 99 38 19) @ Wednesday,

Vulnerability

Linux Kernel 'drivers/net/usb/qmi_wwan.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101791

Roundcube Webmail CVE-2017-16651 Information Disclosure Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101793

Linux Kernel CVE-2017-15102 Local Privilege Escalation Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101790

Hola VPN CVE-2017-16757 Local Privilege Escalation Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101787

ManageEngine ServiceDesk CVE-2017-11511 Arbitrary File Download Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101788

VMware vCenter Server CRLF Injection and Server Side Request Forgery Security Bypass Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101785

VMware vCenter Server CVE-2017-4927 Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101786

Authconfig CVE-2017-7488 Information Disclosure Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101784

Linux Kernel CVE-2016-10200 Multiple Privilege Escalation Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101783

Linux Kernel 'tty/tty_ldsem.c' Local Race Condition Vulnerability
2017-11-13
http://www.securityfocus.com/bid/74820

PostgreSQL Multiple Memory Corruption and Security Bypass Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101781

Multiple AutomationDirect Products CVE-2017-1402 DLL Loading Local Code Execution Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101780

NetApp OnCommand Unified Manager Core Package CVE-2017-11461 Clickjacking Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101778

Multiple Schneider Electric Products CVE-2017-14024 Unspecified Stack Buffer Overflow Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101779

Bolt CVE-2017-16754 Multiple Access Bypass Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101777

NetApp Clustered Data ONTAP CVE-2017-5201 Incomplete Fix Information Disclosure Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101776

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101775

Google Android Qualcomm Components Multiple Security Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101774

Jenkins Multiple Security Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101773

Multiple IBM Products CVE-2017-1710 Remote Privilege Escalation Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101770

Linux Kernel 'drivers/input/tablet/gtco.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101769

VMware AirWatch Console Module Multiple Security Vulnerabilities
2017-11-13
http://www.securityfocus.com/bid/101772

Linux Kernel 'drivers/net/usb/asix_devices.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101767

Linux Kernel 'drivers/input/misc/ims-pcu.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101768

VMware AirWatch Launcher for Android CVE-2017-4932 Privilege Escalation Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101771

Multiple Asterisk Products Information Disclosure Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101765

Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101760

Multiple Asterisk Products 'pjproject' Buffer Overflow Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101759

Linux Kernel 'drivers/net/usb/cdc_ether.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101761

Linux Kernel 'drivers/media/dvb-core/dvb_frontend.c' Local Denial of Service Vulnerability
2017-11-13
http://www.securityfocus.com/bid/101758

SANS News

 

Threatpost

AutoIt Scripting Used By Overlay Malware to Bypass AV Detection

Exploit

Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass

12.11.2017

Bugtraq

[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice 2017-11-09
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 4029-1] postgresql-common security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4028-1] postgresql-9.6 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4027-1] postgresql-9.4 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4026-1] bchunk security update 2017-11-09
Sebastien Delafond (seb debian org)

Malware

Win32/Filecoder.Hermes.D

Phishing

 

Vulnerability

Authconfig CVE-2017-7488 Information Disclosure Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101784

Linux Kernel CVE-2016-10200 Multiple Privilege Escalation Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101783

Linux Kernel 'tty/tty_ldsem.c' Local Race Condition Vulnerability
2017-11-12
http://www.securityfocus.com/bid/74820

PostgreSQL Multiple Memory Corruption and Security Bypass Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101781

Multiple AutomationDirect Products CVE-2017-1402 DLL Loading Local Code Execution Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101780

NetApp OnCommand Unified Manager Core Package CVE-2017-11461 Clickjacking Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101778

Multiple Schneider Electric Products CVE-2017-14024 Unspecified Stack Buffer Overflow Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101779

Bolt CVE-2017-16754 Multiple Access Bypass Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101777

NetApp Clustered Data ONTAP CVE-2017-5201 Incomplete Fix Information Disclosure Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101776

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101775

Google Android Qualcomm Components Multiple Security Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101774

Jenkins Multiple Security Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101773

Multiple IBM Products CVE-2017-1710 Remote Privilege Escalation Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101770

Linux Kernel 'drivers/input/tablet/gtco.c' Local Denial of Service Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101769

VMware AirWatch Console Module Multiple Security Vulnerabilities
2017-11-12
http://www.securityfocus.com/bid/101772

Linux Kernel 'drivers/net/usb/asix_devices.c' Local Denial of Service Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101767

Linux Kernel 'drivers/input/misc/ims-pcu.c' Local Denial of Service Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101768

VMware AirWatch Launcher for Android CVE-2017-4932 Privilege Escalation Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101771

Multiple Asterisk Products Information Disclosure Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101765

Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101760

Multiple Asterisk Products 'pjproject' Buffer Overflow Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101759

Linux Kernel 'drivers/net/usb/cdc_ether.c' Local Denial of Service Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101761

Linux Kernel 'drivers/media/dvb-core/dvb_frontend.c' Local Denial of Service Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101758

PHP CVE-2017-16642 Heap Based Buffer Overflow Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101745

Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability
2017-11-12
http://www.securityfocus.com/bid/101744

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-11-12
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2017-11-12
http://www.securityfocus.com/bid/100954

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-11-12
http://www.securityfocus.com/bid/100897

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-11-12
http://www.securityfocus.com/bid/100256

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-11-12
http://www.securityfocus.com/bid/100901

Authconfig CVE-2017-7488 Information Disclosure Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101784

Linux Kernel CVE-2016-10200 Multiple Privilege Escalation Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101783

Linux Kernel 'tty/tty_ldsem.c' Local Race Condition Vulnerability
2017-11-11
http://www.securityfocus.com/bid/74820

PostgreSQL Multiple Memory Corruption and Security Bypass Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101781

Multiple AutomationDirect Products CVE-2017-1402 DLL Loading Local Code Execution Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101780

NetApp OnCommand Unified Manager Core Package CVE-2017-11461 Clickjacking Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101778

Multiple Schneider Electric Products CVE-2017-14024 Unspecified Stack Buffer Overflow Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101779

Bolt CVE-2017-16754 Multiple Access Bypass Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101777

NetApp Clustered Data ONTAP CVE-2017-5201 Incomplete Fix Information Disclosure Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101776

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101775

Google Android Qualcomm Components Multiple Security Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101774

Jenkins Multiple Security Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101773

Multiple IBM Products CVE-2017-1710 Remote Privilege Escalation Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101770

Linux Kernel 'drivers/input/tablet/gtco.c' Local Denial of Service Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101769

VMware AirWatch Console Module Multiple Security Vulnerabilities
2017-11-11
http://www.securityfocus.com/bid/101772

Linux Kernel 'drivers/net/usb/asix_devices.c' Local Denial of Service Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101767

Linux Kernel 'drivers/input/misc/ims-pcu.c' Local Denial of Service Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101768

VMware AirWatch Launcher for Android CVE-2017-4932 Privilege Escalation Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101771

Multiple Asterisk Products Information Disclosure Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101765

Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101760

Multiple Asterisk Products 'pjproject' Buffer Overflow Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101759

Linux Kernel 'drivers/net/usb/cdc_ether.c' Local Denial of Service Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101761

Linux Kernel 'drivers/media/dvb-core/dvb_frontend.c' Local Denial of Service Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101758

PHP CVE-2017-16642 Heap Based Buffer Overflow Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101745

Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability
2017-11-11
http://www.securityfocus.com/bid/101744

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-11-11
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2017-11-11
http://www.securityfocus.com/bid/100954

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-11-11
http://www.securityfocus.com/bid/100897

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-11-11
http://www.securityfocus.com/bid/100256

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-11-11
http://www.securityfocus.com/bid/100901

SANS News

Keep An Eye on your Root Certificates

Threatpost

AutoIt Scripting Used By Overlay Malware to Bypass AV Detection

Eavesdropper Vulnerability Exposes Mobile Call, Text Data

Hundreds of Millions in Digital Currency Remains Frozen

Exploit

 

10.11.2017

Bugtraq

[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice 2017-11-09
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 4029-1] postgresql-common security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4028-1] postgresql-9.6 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4027-1] postgresql-9.4 security update 2017-11-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4026-1] bchunk security update 2017-11-09
Sebastien Delafond (seb debian org)

Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674] 2017-11-09
brainn gmail com

AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-08
Asterisk Security Team (security asterisk org)

AST-2017-010: Buffer overflow in CDR's set user 2017-11-08
Asterisk Security Team (security asterisk org)

AST-2017-011: Memory leak in pjsip session resource 2017-11-08
Asterisk Security Team (security asterisk org)

[SECURITY] [DSA 4025-1] libpam4j security update 2017-11-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4021-1] otrs2 security update 2017-11-07
Moritz Muehlenhoff (jmm debian org)

Malware

Linux.Badbee

Backdoor.Badbee

Phishing

Chase Online

9th November 2017

Urgent! Apply for your Chase Account Update

Vulnerability

Linux Kernel 'tty/tty_ldsem.c' Local Race Condition Vulnerability
2017-11-10
http://www.securityfocus.com/bid/74820

NetApp OnCommand Unified Manager Core Package CVE-2017-11461 Clickjacking Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101778

Multiple Schneider Electric Products CVE-2017-14024 Unspecified Stack Buffer Overflow Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101779

Bolt CVE-2017-16754 Multiple Access Bypass Vulnerabilities
2017-11-10
http://www.securityfocus.com/bid/101777

NetApp Clustered Data ONTAP CVE-2017-5201 Incomplete Fix Information Disclosure Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101776

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-11-10
http://www.securityfocus.com/bid/101775

Google Android Qualcomm Components Multiple Security Vulnerabilities
2017-11-10
http://www.securityfocus.com/bid/101774

Jenkins Multiple Security Vulnerabilities
2017-11-10
http://www.securityfocus.com/bid/101773

Multiple IBM Products CVE-2017-1710 Remote Privilege Escalation Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101770

Linux Kernel 'drivers/input/tablet/gtco.c' Local Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101769

VMware AirWatch Console Module Multiple Security Vulnerabilities
2017-11-10
http://www.securityfocus.com/bid/101772

Linux Kernel 'drivers/net/usb/asix_devices.c' Local Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101767

Linux Kernel 'drivers/input/misc/ims-pcu.c' Local Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101768

VMware AirWatch Launcher for Android CVE-2017-4932 Privilege Escalation Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101771

Multiple Asterisk Products Information Disclosure Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101765

Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101760

Multiple Asterisk Products 'pjproject' Buffer Overflow Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101759

Linux Kernel 'drivers/net/usb/cdc_ether.c' Local Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101761

Linux Kernel 'drivers/media/dvb-core/dvb_frontend.c' Local Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101758

PHP CVE-2017-16642 Heap Based Buffer Overflow Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101745

Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability
2017-11-10
http://www.securityfocus.com/bid/101744

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-11-10
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2017-11-10
http://www.securityfocus.com/bid/100954

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-11-10
http://www.securityfocus.com/bid/100897

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-11-10
http://www.securityfocus.com/bid/100256

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-11-10
http://www.securityfocus.com/bid/100901

Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
2017-11-10
http://www.securityfocus.com/bid/97544

Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
2017-11-10
http://www.securityfocus.com/bid/97531

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-11-10
http://www.securityfocus.com/bid/98888

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-11-10
http://www.securityfocus.com/bid/100280

SANS News

Battling e-mail phishing

Threatpost

Eavesdropper Vulnerability Exposes Mobile Call, Text Data

Exploit

 

9.11.2017

Bugtraq

AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-08
Asterisk Security Team (security asterisk org)

AST-2017-010: Buffer overflow in CDR's set user 2017-11-08
Asterisk Security Team (security asterisk org)

AST-2017-011: Memory leak in pjsip session resource 2017-11-08
Asterisk Security Team (security asterisk org)

[SECURITY] [DSA 4025-1] libpam4j security update 2017-11-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4021-1] otrs2 security update 2017-11-07
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

Chase Online

9th November 2017

Urgent! Apply for your Chase Account Update

Vulnerability

PHP CVE-2017-16642 Heap Based Buffer Overflow Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101745

Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101744

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-11-09
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2017-11-09
http://www.securityfocus.com/bid/100954

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-11-09
http://www.securityfocus.com/bid/100897

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-11-09
http://www.securityfocus.com/bid/100256

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-11-09
http://www.securityfocus.com/bid/100901

Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
2017-11-09
http://www.securityfocus.com/bid/97544

Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
2017-11-09
http://www.securityfocus.com/bid/97531

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-11-09
http://www.securityfocus.com/bid/98888

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-11-09
http://www.securityfocus.com/bid/100280

Google Android Media Framework Multiple Security Vulnerabilities
2017-11-09
http://www.securityfocus.com/bid/101717

Google Android System Component Multiple Security Vulnerabilities
2017-11-09
http://www.securityfocus.com/bid/101718

Joomla! CVE-2017-16633 Information Disclosure Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101702

Joomla! CVE-2017-16634 Security Bypass Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101701

McAfee Network Data Loss Prevention CVE-2017-3934 Man in the Middle Security Bypass Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101695

Savitech USB Audio Driver CVE-2017-9758 Security Bypass Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101700

Joomla! Zh YandexMap Component CVE-2017-15966 SQL Injection Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101694

IEEE P1735 Multiple Cryptographic Local Security Weaknesses
2017-11-09
http://www.securityfocus.com/bid/101699

LibTIFF CVE-2017-16232 Multiple Local Memory Corruption Vulnerabilities
2017-11-09
http://www.securityfocus.com/bid/101696

Apple iOS/WatchOS/tvOS CVE-2017-13849 Denial of Service Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101691

Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101686

MongoDB CVE-2017-15535 Memory Corruption Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101689

Google Chrome Prior to 62.0.3202.89 Stack Buffer Overflow and Denial of Service Vulnerabilities
2017-11-09
http://www.securityfocus.com/bid/101692

Linux Kernel 'arch/powerpc/kvm/powerpc.c' Local Denial of Service Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101693

IBM OpenPages GRC Platform CVE-2017-1290 Unspecified Cross Site Scripting Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101684

PCRE CVE-2017-16231 Local Stack Buffer Overflow Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101688

FFmpeg CVE-2017-15672 Out-of-Bounds Read Memory Corruption Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101690

IBM BigFix Platform CVE-2017-1221 Security Weakness
2017-11-09
http://www.securityfocus.com/bid/101683

Siemens SIMATIC PCS 7 CVE-2017-14023 Denial of Service Vulnerability
2017-11-09
http://www.securityfocus.com/bid/101680

SANS News

What is My IP Again?

Threatpost

Hundreds of Millions in Digital Currency Remains Frozen

Google Patches KRACK Vulnerability in Android

Privacy Clouds Form Over Mantistek Gaming Keyboard

Exploit

 

8.11.2017

Bugtraq

[SECURITY] [DSA 4021-1] otrs2 security update 2017-11-07
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4020-1] chromium-browser security update 2017-11-07
Michael Gilbert (mgilbert debian org)

CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06
Advisories (advisories compass-security com)

Malware

Downloader.Dydoxic

Phishing

 

Vulnerability

Google Android Media Framework Multiple Security Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101717

Google Android System Component Multiple Security Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101718

Joomla! CVE-2017-16633 Information Disclosure Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101702

Joomla! CVE-2017-16634 Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101701

McAfee Network Data Loss Prevention CVE-2017-3934 Man in the Middle Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101695

Savitech USB Audio Driver CVE-2017-9758 Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101700

Joomla! Zh YandexMap Component CVE-2017-15966 SQL Injection Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101694

IEEE P1735 Multiple Cryptographic Local Security Weaknesses
2017-11-08
http://www.securityfocus.com/bid/101699

LibTIFF CVE-2017-16232 Multiple Local Memory Corruption Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101696

Apple iOS/WatchOS/tvOS CVE-2017-13849 Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101691

Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101686

MongoDB CVE-2017-15535 Memory Corruption Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101689

Google Chrome Prior to 62.0.3202.89 Stack Buffer Overflow and Denial of Service Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101692

Linux Kernel 'arch/powerpc/kvm/powerpc.c' Local Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101693

IBM OpenPages GRC Platform CVE-2017-1290 Unspecified Cross Site Scripting Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101684

PCRE CVE-2017-16231 Local Stack Buffer Overflow Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101688

FFmpeg CVE-2017-15672 Out-of-Bounds Read Memory Corruption Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101690

IBM BigFix Platform CVE-2017-1221 Security Weakness
2017-11-08
http://www.securityfocus.com/bid/101683

Siemens SIMATIC PCS 7 CVE-2017-14023 Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101680

Drupal Automated Logout Module HTML Injection Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101681

Fortinet FortiOS CVE-2017-7739 Cross Site Scripting Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101679

Advantech WebAccess Multiple Remote Code Execution Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101685

Fortinet FortiClient CVE-2016-8493 Privilege Escalation Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101682

Linux Kernel CVE-2017-12193 Null Pointer Dereference Local Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101678

Cisco IOS XE Software CVE-2017-12319 Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101676

Symantec Endpoint Protection CVE-2017-6331 Local Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101502

Symantec Endpoint Protection CVE-2017-13680 Arbitrary File Deletion Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101503

SchedMD Slurm CVE-2017-15566 Privilege Escalation Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101675

Avaya IP Office Contact Center CVE-2017-11309 Remote Buffer Overflow Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101674

Symantec Endpoint Protection Manager CVE-2017-13681 Local Privilege Escalation Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101504

Joomla! CVE-2017-16633 Information Disclosure Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101702

Joomla! CVE-2017-16634 Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101701

McAfee Network Data Loss Prevention CVE-2017-3934 Man in the Middle Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101695

Savitech USB Audio Driver CVE-2017-9758 Security Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101700

Joomla! Zh YandexMap Component CVE-2017-15966 SQL Injection Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101694

IEEE P1735 Multiple Cryptographic Local Security Weaknesses
2017-11-08
http://www.securityfocus.com/bid/101699

LibTIFF CVE-2017-16232 Multiple Local Memory Corruption Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101696

Apple iOS/WatchOS/tvOS CVE-2017-13849 Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101691

Apache Hive CVE-2017-12625 Information Disclosure Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101686

MongoDB CVE-2017-15535 Memory Corruption Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101689

Google Chrome Prior to 62.0.3202.89 Stack Buffer Overflow and Denial of Service Vulnerabilities
2017-11-08
http://www.securityfocus.com/bid/101692

Linux Kernel 'arch/powerpc/kvm/powerpc.c' Local Denial of Service Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101693

IBM OpenPages GRC Platform CVE-2017-1290 Unspecified Cross Site Scripting Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101684

Multiple MitraStar Routers CVE-2017-16523 Local Privilege Escalation Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101672

Multiple EMC Products CVE-2017-14375 Authentication Bypass Vulnerability
2017-11-08
http://www.securityfocus.com/bid/101673

SANS News

SSH Server "Time to Live"? Less than a cup of coffee!

Threatpost

Texas Shooter’s Phone Encrypted


Assessing Weaknesses in Public Key Infrastructure

Brother Printers Susceptible to Remote Denial of Service Attacks

Exploit

ManageEngine Applications Manager 13 - SQL Injection

pfSense 2.3.1_1 - Command Execution

7.11.2017

Bugtraq

[SECURITY] [DSA 4020-1] chromium-browser security update 2017-11-07
Michael Gilbert (mgilbert debian org)

CVE-2017-9096 iText XML External Entity Vulnerability 2017-11-06
Advisories (advisories compass-security com)

Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05
ML (marialemos72 gmail com)

Malware

RANSOM_BADRABBIT.SMA

RANSOM_BADRABBIT.A

Phishing

PayPal

6th November 2017

Your Monthly Payment was recently declined.

Vulnerability

Symantec Endpoint Protection CVE-2017-6331 Local Security Bypass Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101502

Symantec Endpoint Protection CVE-2017-13680 Arbitrary File Deletion Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101503

SchedMD Slurm CVE-2017-15566 Privilege Escalation Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101675

Avaya IP Office Contact Center CVE-2017-11309 Remote Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101674

Symantec Endpoint Protection Manager CVE-2017-13681 Local Privilege Escalation Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101504

Multiple MitraStar Routers CVE-2017-16523 Local Privilege Escalation Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101672

Multiple EMC Products CVE-2017-14375 Authentication Bypass Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101673

GNU Emacs CVE-2017-1000383 Local Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101671

Foxit Reader CVE-2017-10948 Use After Free Remote Code Execution Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101670

Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101667

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101666

IBM OpenPages GRC Platform CVE-2017-1148 Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101668

Tor Browser CVE-2017-16541 Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101665

Splunk Multiple Local Privilege Escalation Vulnerabilities
2017-11-07
http://www.securityfocus.com/bid/101664

Ayukov NFTPD CVE-2017-15222 Stack Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101602

Mura CMS 'tasks/feed/readRSS.cfm' XML External Entity Injection Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101603

WordPress Ultimate Form Builder Lite Plugin 'wp-admin/admin-ajax.php' SQL Injection Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101604

GNU wget CVE-2017-13090 Heap Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101590

GNU wget CVE-2017-13089 Stack Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101592

IBM OpenPages CVE-2017-1147 Cross Site Scripting Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101663

HP Performance Center CVE-2017-14359 Unspecified Cross Site Scripting Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101659

IBM OpenPages CVE-2016-3048 Cross Site Scripting Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101660

ABB FOX515T CVE-2017-14025 Local Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101662

GraphicsMagick CVE-2017-16352 Heap Buffer Overflow Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101658

Multiple Cisco Products CVE-2017-12277 Remote Command Injection Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101661

Cisco Wireless LAN Controller CVE-2017-12275 Denial of Service Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101657

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101638

IBM OpenPages GRC Platform CVE-2017-1333 Information Disclosure Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101656

Cisco Aironet Access Points CVE-2017-12273 Denial of Service Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101655

Cisco WebEx Meetings Server CVE-2017-12294 Cross Site Scripting Vulnerability
2017-11-07
http://www.securityfocus.com/bid/101654

SANS News

Interesting VBA Dropper

Threatpost

US-CERT Warns of Crypto Bugs in IEEE Standard

Cisco Patches DoS Flaw in BGP over Ethernet VPN Implementation

1M Downloads Later, Google Pulls Phony WhatsApp From Google Play

Exploit

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation

SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)  

Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting

Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting

Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow

6.11.2017

Bugtraq

Call for papers - WorldCIST'18 - Naples, Italy - Extended deadline: November 22 2017-11-05
ML (marialemos72 gmail com)

Webmin v1.850 Remote Code Execution (hyp3rlinx / apparitionsec) 2017-11-05
apparitionsec gmail com

[SECURITY] [DSA 4019-1] imagemagick security update 2017-11-05
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4016-1] irssi security update 2017-11-03
Salvatore Bonaccorso (carnil debian org)

KL-001-2017-022 : Splunk Local Privilege Escalation 2017-11-03
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 4015-1] openjdk-8 security update 2017-11-02
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

PayPal

6th November 2017

Your Monthly Payment was recently declined.

Bank of America

5th November 2017

Bank of America Alert: Account Suspicious

Vulnerability

GNU Emacs CVE-2017-1000383 Local Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101671

Foxit Reader CVE-2017-10948 Use After Free Remote Code Execution Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101670

Avaya IP Office Contact Center CVE-2017-12969 Remote Buffer Overflow Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101667

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101666

IBM OpenPages GRC Platform CVE-2017-1148 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101668

Tor Browser CVE-2017-16541 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101665

Splunk Multiple Local Privilege Escalation Vulnerabilities
2017-11-06
http://www.securityfocus.com/bid/101664

Ayukov NFTPD CVE-2017-15222 Stack Buffer Overflow Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101602

Mura CMS 'tasks/feed/readRSS.cfm' XML External Entity Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101603

WordPress Ultimate Form Builder Lite Plugin 'wp-admin/admin-ajax.php' SQL Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101604

GNU wget CVE-2017-13090 Heap Buffer Overflow Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101590

GNU wget CVE-2017-13089 Stack Buffer Overflow Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101592

IBM OpenPages CVE-2017-1147 Cross Site Scripting Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101663

HP Performance Center CVE-2017-14359 Unspecified Cross Site Scripting Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101659

IBM OpenPages CVE-2016-3048 Cross Site Scripting Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101660

ABB FOX515T CVE-2017-14025 Local Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101662

GraphicsMagick CVE-2017-16352 Heap Buffer Overflow Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101658

Multiple Cisco Products CVE-2017-12277 Remote Command Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101661

Cisco Wireless LAN Controller CVE-2017-12275 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101657

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101638

IBM OpenPages GRC Platform CVE-2017-1333 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101656

Cisco Aironet Access Points CVE-2017-12273 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101655

Cisco WebEx Meetings Server CVE-2017-12294 Cross Site Scripting Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101654

GraphicsMagick CVE-2017-16353 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101653

Cisco Wireless LAN Controller CVE-2017-12282 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101650

Cisco WebEx Meetings Server CVE-2017-12295 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101651

Multiple Cisco Products CVE-2017-12243 Local Command Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101652

Cisco Aironet CVE-2017-12281 Authentication Bypass Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101649

Cisco Application Policy Infrastructure Controller Enterprise Module Access Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101647

Cisco Aironet Access Points CVE-2017-12274 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101648

Cisco Aironet 3800 Series Access Points CVE-2017-12283 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101645

Cisco Wireless LAN Controller CVE-2017-12280 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101646

Cisco IOS Software for Aironet Access Points CVE-2017-12279 Information Disclosure Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101643

Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101644

Cisco Wireless LAN Controller CVE-2017-12278 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101642

Cisco Identity Services Engine CVE-2017-12261 Privilege Escalation Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101641

Apple macOS and macOS Server CVE-2017-13826 Multiple Unspecified Security Vulnerabilities
2017-11-06
http://www.securityfocus.com/bid/101637

Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101640

OpenText Documentum Content Server Multiple Security Vulnerabilities
2017-11-06
http://www.securityfocus.com/bid/101639

Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101636

Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101635

Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2017-11-06
http://www.securityfocus.com/bid/101633

SANS News

Extracting the text from PDF documents

Threatpost

 

Exploit

Actiontec C1000A Modem - Backdoor Account

WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass

Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)

Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)

Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow

Debut Embedded httpd 1.20 - Denial of Service

5.11.2017

Bugtraq

[SECURITY] [DSA 4015-1] openjdk-8 security update 2017-11-02
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

Netflix Inc.

3rd November 2017

SECURITY ALERT : ABOUT YOUR ACCOUNT !!

Vulnerability

HP Performance Center CVE-2017-14359 Unspecified Cross Site Scripting Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101659

IBM OpenPages CVE-2016-3048 Cross Site Scripting Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101660

ABB FOX515T CVE-2017-14025 Local Information Disclosure Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101662

GraphicsMagick CVE-2017-16352 Heap Buffer Overflow Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101658

Multiple Cisco Products CVE-2017-12277 Remote Command Injection Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101661

Cisco Wireless LAN Controller CVE-2017-12275 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101657

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101638

IBM OpenPages GRC Platform CVE-2017-1333 Information Disclosure Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101656

Cisco Aironet Access Points CVE-2017-12273 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101655

Cisco WebEx Meetings Server CVE-2017-12294 Cross Site Scripting Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101654

GraphicsMagick CVE-2017-16353 Information Disclosure Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101653

Cisco Wireless LAN Controller CVE-2017-12282 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101650

Cisco WebEx Meetings Server CVE-2017-12295 Information Disclosure Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101651

Multiple Cisco Products CVE-2017-12243 Local Command Injection Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101652

Cisco Aironet CVE-2017-12281 Authentication Bypass Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101649

Cisco Application Policy Infrastructure Controller Enterprise Module Access Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101647

Cisco Aironet Access Points CVE-2017-12274 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101648

Cisco Aironet 3800 Series Access Points CVE-2017-12283 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101645

Cisco Wireless LAN Controller CVE-2017-12280 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101646

Cisco IOS Software for Aironet Access Points CVE-2017-12279 Information Disclosure Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101643

Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101644

Cisco Wireless LAN Controller CVE-2017-12278 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101642

Cisco Identity Services Engine CVE-2017-12261 Privilege Escalation Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101641

Apple macOS and macOS Server CVE-2017-13826 Multiple Unspecified Security Vulnerabilities
2017-11-05
http://www.securityfocus.com/bid/101637

Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101640

OpenText Documentum Content Server Multiple Security Vulnerabilities
2017-11-05
http://www.securityfocus.com/bid/101639

Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101636

Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101635

Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101633

Multiple F5 BIG-IP Products CVE-2017-6160 Denial of Service Vulnerability
2017-11-05
http://www.securityfocus.com/bid/101632

HP Performance Center CVE-2017-14359 Unspecified Cross Site Scripting Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101659

IBM OpenPages CVE-2016-3048 Cross Site Scripting Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101660

ABB FOX515T CVE-2017-14025 Local Information Disclosure Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101662

GraphicsMagick CVE-2017-16352 Heap Buffer Overflow Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101658

Multiple Cisco Products CVE-2017-12277 Remote Command Injection Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101661

Cisco Wireless LAN Controller CVE-2017-12275 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101657

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101638

IBM OpenPages GRC Platform CVE-2017-1333 Information Disclosure Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101656

Cisco Aironet Access Points CVE-2017-12273 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101655

Cisco WebEx Meetings Server CVE-2017-12294 Cross Site Scripting Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101654

GraphicsMagick CVE-2017-16353 Information Disclosure Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101653

Cisco Wireless LAN Controller CVE-2017-12282 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101650

Cisco WebEx Meetings Server CVE-2017-12295 Information Disclosure Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101651

Multiple Cisco Products CVE-2017-12243 Local Command Injection Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101652

Cisco Aironet CVE-2017-12281 Authentication Bypass Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101649

Cisco Application Policy Infrastructure Controller Enterprise Module Access Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101647

Cisco Aironet Access Points CVE-2017-12274 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101648

Cisco Aironet 3800 Series Access Points CVE-2017-12283 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101645

Cisco Wireless LAN Controller CVE-2017-12280 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101646

Cisco IOS Software for Aironet Access Points CVE-2017-12279 Information Disclosure Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101643

Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101644

Cisco Wireless LAN Controller CVE-2017-12278 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101642

Cisco Identity Services Engine CVE-2017-12261 Privilege Escalation Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101641

Apple macOS and macOS Server CVE-2017-13826 Multiple Unspecified Security Vulnerabilities
2017-11-04
http://www.securityfocus.com/bid/101637

Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101640

OpenText Documentum Content Server Multiple Security Vulnerabilities
2017-11-04
http://www.securityfocus.com/bid/101639

Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101636

Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101635

Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101633

Multiple F5 BIG-IP Products CVE-2017-6160 Denial of Service Vulnerability
2017-11-04
http://www.securityfocus.com/bid/101632

SANS News

PDF documents & URLs

Threatpost

Tor Browser Users Urged to Patch Critical ‘TorMoil’ Vulnerability

Poisoned Search Results Deliver Banking Malware

Siemens Update Patches SIMATIC PCS 7 Bug in Some Versions

Exploit

Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind...

3.11.2017

Bugtraq

 

Malware

 

Phishing

Netflix Inc.

3rd November 2017

SECURITY ALERT : ABOUT YOUR ACCOUNT !!

Apple Security Alert

3rd November 2017

Your receipt from Apple.

AOL

2nd November 2017

Info

Vulnerability

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101638

Cisco Aironet Access Points CVE-2017-12273 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101655

Cisco WebEx Meetings Server CVE-2017-12294 Cross Site Scripting Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101654

GraphicsMagick CVE-2017-16353 Information Disclosure Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101653

Cisco Wireless LAN Controller CVE-2017-12282 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101650

Cisco WebEx Meetings Server CVE-2017-12295 Information Disclosure Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101651

Multiple Cisco Products CVE-2017-12243 Local Command Injection Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101652

Cisco Aironet CVE-2017-12281 Authentication Bypass Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101649

Cisco Application Policy Infrastructure Controller Enterprise Module Access Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101647

Cisco Aironet Access Points CVE-2017-12274 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101648

Cisco Aironet 3800 Series Access Points CVE-2017-12283 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101645

Cisco Wireless LAN Controller CVE-2017-12280 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101646

Cisco IOS Software for Aironet Access Points CVE-2017-12279 Information Disclosure Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101643

Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101644

Cisco Wireless LAN Controller CVE-2017-12278 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101642

Cisco Identity Services Engine CVE-2017-12261 Privilege Escalation Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101641

Apple macOS and macOS Server CVE-2017-13826 Multiple Unspecified Security Vulnerabilities
2017-11-03
http://www.securityfocus.com/bid/101637

Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101640

OpenText Documentum Content Server Multiple Security Vulnerabilities
2017-11-03
http://www.securityfocus.com/bid/101639

Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101636

Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101635

Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101633

Multiple F5 BIG-IP Products CVE-2017-6160 Denial of Service Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101632

Multiple F5 BIG-IP Products CVE-2017-6157 Remote Command Execution Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101634

Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
2017-11-03
http://www.securityfocus.com/bid/101631

GNU Wget CVE-2016-7098 Security Bypass Vulnerability
2017-11-03
http://www.securityfocus.com/bid/93157

Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101630

HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101627

McAfee Network Data Loss Prevention CVE-2017-3933 Unspecified Cross Site Scripting Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101628

Trihedral Engineering Limited VTScada ICSA-17-304-02 Multiple Local Security Vulnerability
2017-11-03
http://www.securityfocus.com/bid/101629

SANS News

Attacking SSH Over the Wire - Go Red Team!

Simple Analysis of an Obfuscated JAR File

Threatpost

Taking HTTPS Denial to an Absurd Level

Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own

WordPress Delivers Second Patch For SQL Injection Bug

Exploit

Vir.IT eXplorer Anti-Virus - Privilege Escalation

tnftp - 'savefile' Arbitrary Command Execution (Metasploit)

Ladon Framework for Python 0.9.40 - XML External Entity Expansion

WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection

GraphicsMagick - Memory Disclosure / Heap Overflow

2.11.2017

Bugtraq

 

Malware

 

Phishing

AOL

2nd November 2017

Info

AOL

1st November 2017

More @Aol 2017
 

Vulnerability

Multiple Cisco Products CVE-2017-12243 Local Command Injection Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101652

Cisco Aironet CVE-2017-12281 Authentication Bypass Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101649

Cisco Application Policy Infrastructure Controller Enterprise Module Access Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101647

Cisco Aironet Access Points CVE-2017-12274 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101648

Cisco Aironet 3800 Series Access Points CVE-2017-12283 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101645

Cisco Wireless LAN Controller CVE-2017-12280 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101646

Cisco IOS Software for Aironet Access Points CVE-2017-12279 Information Disclosure Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101643

Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101644

Cisco Wireless LAN Controller CVE-2017-12278 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101642

Cisco Identity Services Engine CVE-2017-12261 Privilege Escalation Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101641

Apple macOS and macOS Server CVE-2017-13826 Multiple Unspecified Security Vulnerabilities
2017-11-02
http://www.securityfocus.com/bid/101637

WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101638

Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101640

OpenText Documentum Content Server Multiple Security Vulnerabilities
2017-11-02
http://www.securityfocus.com/bid/101639

Multiple F5 BIG-IP Products CVE-2017-6161 Security Bypass Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101636

Multiple F5 BIG-IP Products CVE-2017-6162 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101635

Multiple F5 BIG-IP Products CVE-2017-6159 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101633

Multiple F5 BIG-IP Products CVE-2017-6160 Denial of Service Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101632

Multiple F5 BIG-IP Products CVE-2017-6157 Remote Command Execution Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101634

Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
2017-11-02
http://www.securityfocus.com/bid/101631

GNU Wget CVE-2016-7098 Security Bypass Vulnerability
2017-11-02
http://www.securityfocus.com/bid/93157

Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101630

HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101627

McAfee Network Data Loss Prevention CVE-2017-3933 Unspecified Cross Site Scripting Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101628

Trihedral Engineering Limited VTScada ICSA-17-304-02 Multiple Local Security Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101629

EMC AppSync CVE-2017-14376 Local Hardcoded Credentials Information Disclosure Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101626

Joomla! NS Download Shop Component CVE-2017-15965 SQL Injection Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101624

Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101625

D-Link DSL-2740E ADSL Router Multiple HTML Injection Vulnerabilities
2017-11-02
http://www.securityfocus.com/bid/101622

Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
2017-11-02
http://www.securityfocus.com/bid/101623

SANS News

 

Threatpost

WordPress Delivers Second Patch For SQL Injection Bug

Silence Gang Borrows From Carbanak To Steal From Banks

Exploit

ZyXEL PK5001Z Modem - Backdoor Account

Ingenious School Management System 2.3.0 - 'friend_index' SQL injection

OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery

Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH)

WhatsApp 2.17.52 - Memory Corruption

1.11.2017

Bugtraq

APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-3 tvOS 11.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-10-31-4 watchOS 4.1 2017-10-31
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPESBHF03785 rev.1 - HPE B-Series SAN Network Advisor Software, Multiple Remote Vulnerabilities 2017-10-30
HPE Product Security Response Team (security-alert hpe com)

[SECURITY] [DSA 4009-1] shadowsocks-libev security update 2017-10-29
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4012-1] libav security update 2017-10-30
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

U.S Bank Online

1st November 2017

[News] Message From U.S Bank Online

Munk, Allison

1st November 2017

Your Reagan Account Has been compromised

Vulnerability

Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
2017-11-01
http://www.securityfocus.com/bid/101631

GNU Wget CVE-2016-7098 Security Bypass Vulnerability
2017-11-01
http://www.securityfocus.com/bid/93157

Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101630

HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101627

McAfee Network Data Loss Prevention CVE-2017-3933 Unspecified Cross Site Scripting Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101628

Trihedral Engineering Limited VTScada ICSA-17-304-02 Multiple Local Security Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101629

EMC AppSync CVE-2017-14376 Local Hardcoded Credentials Information Disclosure Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101626

Joomla! NS Download Shop Component CVE-2017-15965 SQL Injection Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101624

Apache jUDDI CVE-2009-1197 Security Bypass Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101625

D-Link DSL-2740E ADSL Router Multiple HTML Injection Vulnerabilities
2017-11-01
http://www.securityfocus.com/bid/101622

Apache jUDDI CVE-2009-1198 Cross Site Scripting Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101623

Linux kernel CVE-2017-15951 Local Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101621

Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101620

JBoss KeyCloak CVE-2017-12158 Cross Site Scripting Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101618

Cisco Expressway Series and Cisco TelePresence VCS CVE-2017-12287 Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101525

Multiple Barco ClickShare Base Units CVE-2017-9377 Multiple Command Injection Vulnerabilities
2017-11-01
http://www.securityfocus.com/bid/101617

JanTek JTC-200 Cross-Site Request Forgery and Authentication Bypass Vulnerabilities
2017-11-01
http://www.securityfocus.com/bid/101224

Oracle Fusion Middleware CVE-2017-10151 Remote Security Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101619

EyesOfNetwork CVE-2017-15933 SQL Injection Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101615

radare2 'libr/bin/format/elf/elf.c' Remote Denial Of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101614

IBM RSA DM CVE-2017-1295 Unspecified Information Disclosure Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101616

Multiple F5 BIG-IP Products CVE-2017-0303 Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101612

radare2 'libr/bin/format/elf/elf.c' Remote Denial Of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101609

GraphicsMagick CVE-2017-15930 Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101607

Apache Struts 'TextParseUtil.translateVariables()' Method Remote Code Execution Vulnerability
2017-11-01
http://www.securityfocus.com/bid/85131

GNU Binutils CVE-2017-15939 Incomplete Fix Remote Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101613

GNU Binutils CVE-2017-15023 Remote Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101611

GNU Binutils CVE-2017-15938 Remote Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101610

GNU Binutils CVE-2017-15996 Multiple Denial of Service Vulnerabilities
2017-11-01
http://www.securityfocus.com/bid/101608

Multiple F5 BIG-IP Products CVE-2017-6163 Denial of Service Vulnerability
2017-11-01
http://www.securityfocus.com/bid/101606

SANS News

Securing SSH Services - Go Blue Team!!

Threatpost

Popular ‘Circle with Disney’ Parental Control System Riddled With 23 Vulnerabilities

Firefox Bolsters Privacy, Pulls Plug on Browser Canvas Fingerprinting

Exploit

 

31.10.2017

Bugtraq

 

Malware

W97M.Downloader.P

Phishing

 

Vulnerability

 

SANS News

Some Powershell Malicious Code

Threatpost

Google’s reCaptcha Cracked Again

Flaw in Google Bug Tracker Exposed Reports About Unpatched Vulnerabilities

Malicious Chrome Extension Steals Data Posted to Any Website

Exploit

Oracle Java SE - Web Start jnlp XML External Entity Processing Information...

Ingenious 2.3.0 - Arbitrary File Upload

30.10.2017

Bugtraq

[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27
e-matters Security (security e-matters de)

Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26
VSR Advisories (advisories vsecurity com)

Malware

 

Phishing

 

Vulnerability

 

SANS News

Remember ACE files?

Critical Patch For Oracle's Identity Manager

Threatpost

 

Exploit

MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation

Online Exam Test Application - 'sort' SQL Injection

Php Inventory - Arbitrary File Upload

Vastal I-Tech Agent Zone - SQL Injection

Website Broker Script - 'status_id' SQL Injection

Zomato Clone Script - 'resid' SQL Injection

WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection

29.10.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

SANS News

"Catch-All" Google Chrome Malicious Extension Steals All Posted Data

Threatpost

Rockwell Automation Patches Wireless Access Point against Krack

Apache OpenOffice Update Patches Four Vulnerabilities

Exploit

Tizen Studio 1.3 Smart Development Bridge < 2.3.2 - Buffer Overflow (PoC)

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference

27.10.2017

Bugtraq

[VulnWatch] Advisory 02/2002: PHP remote vulnerability 2017-10-27
e-matters Security (security e-matters de)

Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996) 2017-10-26
VSR Advisories (advisories vsecurity com)

October 2017 - Bamboo - Critical Security Advisory 2017-10-26
Atlassian (security atlassian com)

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24
Luciano Bello (luciano debian org)

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23
HPE Product Security Response Team (security-alert hpe com)

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

Michael David

26th October 2017

Please view this important document

Vulnerability

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-10-27
http://www.securityfocus.com/bid/101274

MIT krb5 CVE-2017-15088 Remote Buffer Overflow Vulnerability
2017-10-27
http://www.securityfocus.com/bid/101594

Google Chrome CVE-2017-5090 Security Bypass Vulnerability
2017-10-27
http://www.securityfocus.com/bid/101591

IBM Jazz Foundation CVE-2017-1164 Cross Site Scripting Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101586

OpenSSH CVE-2016-6515 Denial of Service Vulnerability
2017-10-26
http://www.securityfocus.com/bid/92212

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101552

Google V8 CVE-2017-15396 Stack Based Buffer Overflow Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101597

GNU wget CVE-2017-13089 Stack Buffer Overflow Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101592

GNU wget CVE-2017-13090 Heap Buffer Overflow Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101590

Apache OpenOffice Multiple Remote Code Execution Vulnerabilities
2017-10-26
http://www.securityfocus.com/bid/101585

Multiple Pivotal Products CVE-2015-5170 Cross Site Request Forgery Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101579

ProxySG and ASG CVE-2016-9097 Remote Authorization Bypass Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101530

IBM DOORS Next Generation CVE-2017-1169 Cross Site Scripting Vulnerability
2017-10-25
http://www.securityfocus.com/bid/101593

SANS News

Ursnif Banking Trojan Spreading In Japan

Two Critical Vulnerabilities Found In Inmarsat’s SATCOM Systems

Threatpost

 

Exploit

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow

PHPMailer < 5.2.21 - Local File Disclosure

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference

26.10.2017

Bugtraq

October 2017 - Bamboo - Critical Security Advisory 2017-10-26
Atlassian (security atlassian com)

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24
Luciano Bello (luciano debian org)

Malware

 

Phishing

 

Vulnerability

OpenSSH CVE-2016-6515 Denial of Service Vulnerability
2017-10-26
http://www.securityfocus.com/bid/92212

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101552

IBM Storwize V7000 CVE-2017-1375 Unified Information Disclosure Vulnerability
2017-10-25
http://www.securityfocus.com/bid/101561

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities
2017-10-24
http://www.securityfocus.com/bid/42029

Redis CVE-2016-10517 Cross Site Scripting Vulnerability
2017-10-24
http://www.securityfocus.com/bid/101572

IBM BigFix Platform Multiple Security Vulnerabilities
2017-10-24
http://www.securityfocus.com/bid/101571

IBM OpenPages GRC Platform CVE-2016-3049 HTML Injection Vulnerability
2017-10-24
http://www.securityfocus.com/bid/101568

SANS News

Macro-less Code Execution in MS Word

Threatpost

Hackers Prepping IOTroop Botnet with Exploits

BadRabbit Ransomware Attacks Hitting Russia, Ukraine

Exploit

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution...

KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection

25.10.2017

Bugtraq

KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory Permissions 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-017 : Infoblox NetMRI Administration Shell Escape and Privilege Escalation 2017-10-24
KoreLogic Disclosures (disclosures korelogic com)

[SECURITY] [DSA 4006-1] mupdf security update 2017-10-24
Luciano Bello (luciano debian org)

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23
HPE Product Security Response Team (security-alert hpe com)

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)

Malware

Ransom.BadRabbit

VBS.Downloader.C

Phishing

 

Vulnerability

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities
2017-10-24
http://www.securityfocus.com/bid/42029

Infineon RSA Library CVE-2017-15361 Cryptographic Security Bypass Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101484

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101089

Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101544

Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2017-10-23
http://www.securityfocus.com/bid/101539

Jenkins Active Choices Plugin HTML Injection Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101538

Jenkins SCP Publisher Plugin SSH credentials Information Disclosure Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101537

cURL/libcURL CVE-2017-1000257 Buffer Overflow Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101519

Symantec Endpoint Encryption CVE-2017-13683 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101498

Symantec Encryption Desktop CVE-2017-13682 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101497

Foxit Reader CVE-2017-15771 Remote Buffer Overflow Vulnerability
2017-10-22
http://www.securityfocus.com/bid/101549

Foxit Reader CVE-2017-15770 Remote Buffer Overflow Vulnerability
2017-10-22
http://www.securityfocus.com/bid/101540

GNU glibc CVE-2017-15804 Heap Buffer Overflow Vulnerability
2017-10-22
http://www.securityfocus.com/bid/101535

Multiple F5 BIG-IP Products CVE-2017-6165 Local Information Disclosure Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101543

Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101532

Cisco AMP for Endpoints CVE-2017-12317 Local Privilege Escalation Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101520

FFmpeg CVE-2017-15186 Denial of Service Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101518

GNU glibc CVE-2017-15671 Local Denial of Service Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101517

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101303

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91453

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95813

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/70988

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98888

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/65727

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/71072

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/68348

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95814

SANS News

DUHK attack, continuing a week of named issues

Threatpost

BadRabbit Ransomware Attacks Hitting Russia, Ukraine

Whois Maintainer Accidentally Makes Password Hashes Available For Download

Exploit

 

24.10.2017

Bugtraq

[security bulletin] HPESBHF03779 rev.1 - HPE Fabric OS using OpenSSH, Denial of Service 2017-10-23
HPE Product Security Response Team (security-alert hpe com)

[SECURITY] [DSA 4003-1] libvirt security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4002-1] mysql-5.5 security update 2017-10-19
Salvatore Bonaccorso (carnil debian org)

Malware

Exp.CVE-2017-11826

Phishing

 

Vulnerability

TYPO3 Core TYPO3-SA-2010-012 Multiple Remote Security Vulnerabilities
2017-10-24
http://www.securityfocus.com/bid/42029

Infineon RSA Library CVE-2017-15361 Cryptographic Security Bypass Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101484

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101089

Jenkins Build Publisher Plugin Information Disclosure Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101544

Jenkins Global Build Stats Plugin Multiple Security Vulnerabilities
2017-10-23
http://www.securityfocus.com/bid/101539

Jenkins Active Choices Plugin HTML Injection Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101538

Jenkins SCP Publisher Plugin SSH credentials Information Disclosure Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101537

cURL/libcURL CVE-2017-1000257 Buffer Overflow Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101519

Symantec Endpoint Encryption CVE-2017-13683 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101498

Symantec Encryption Desktop CVE-2017-13682 Denial-of-Service Vulnerability
2017-10-23
http://www.securityfocus.com/bid/101497

Foxit Reader CVE-2017-15770 Remote Buffer Overflow Vulnerability
2017-10-22
http://www.securityfocus.com/bid/101540

GNU glibc CVE-2017-15804 Heap Buffer Overflow Vulnerability
2017-10-22
http://www.securityfocus.com/bid/101535

Apache James CVE-2017-12628 Arbitrary Command Execution Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101532

Cisco AMP for Endpoints CVE-2017-12317 Local Privilege Escalation Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101520

FFmpeg CVE-2017-15186 Denial of Service Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101518

GNU glibc CVE-2017-15671 Local Denial of Service Vulnerability
2017-10-20
http://www.securityfocus.com/bid/101517

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101303

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91453

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95813

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/70988

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98888

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/65727

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/71072

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/68348

SANS News

BadRabbit: New ransomware wave hitting RU & UA

Stop relying on file extensions

Threatpost

Latest Sofacy Campaign Targeting Security Researchers

Exploit

Polycom - Command Shell Authorization Bypass (Metasploit)

Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution...

Unitrends UEB 9 - http api/storage Remote Root (Metasploit)

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow

FS OLX Clone - 'catg_id' SQL Injection

FS Lynda Clone - 'category' SQL Injection

FS Indiamart Clone - 'keywords' SQL Injection

FS Groupon Clone - 'category' SQL Injection

FS Freelancer Clone - 'sk' SQL Injection

FS Expedia Clone - 'hid' SQL Injection

FS Food Delivery Script - 'keywords' SQL Injection

Mikogo 5.4.1.160608 - Local Credentials Disclosure

23.10.2017

Bugtraq

 

Malware

Linux.Iotreaper

Trojan.Turla.B

Phishing

Santander

22nd October 2017

Your online account status

Vulnerability

 

SANS News

Is a telco in Brazil hosting an epidemic of open SOCKS proxies?

Threatpost

New Magniber Ransomware Targets South Korea, Asia Pacific

Exploit

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow

CometChat < 6.2.0 BETA 1 - Local File Inclusion

Logitech Media Server - Cross-Site Scripting

TP-Link TL-MR3220 - Cross-Site Scripting

ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service

Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow

20.10.2017

Bugtraq

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

 

Phishing

Support

20th October 2017

PAYMENT RECEIPT EVOLVE MONSTER : 6540 DIAMONDS

Vulnerability

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101303

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91453

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95813

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/70988

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98888

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/65727

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/71072

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/68348

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95814

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2017-10-19
http://www.securityfocus.com/bid/69168

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98050

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/67121

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/67899

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2017-10-19
http://www.securityfocus.com/bid/89760

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91869

Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2017-10-19
http://www.securityfocus.com/bid/78215

NTP CVE-2016-7431 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/94454

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/93150

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101450

Oracle Java SE and JRockit CVE-2017-10356 Local Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101413

SANS News

Necurs Botnet malspam pushes Locky using DDE attack

Using Yara rules with Volatility

Threatpost

Google Play Bounty Promises $1,000 Rewards for Flaws in Popular Apps

Hackers Take Aim at SSH Keys in New Attacks

Google Advanced Protection Trades Ease-of-Use for Security

Exploit

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection

TP-Link WR940N - Authenticated Remote Code Exploit

Check_MK 1.2.8p25 - Information Disclosure

ZKTime Web Software 2.0 - Improper Access Restrictions

ZKTime Web Software 2.0 - Cross-Site Request Forgery

Mozilla Firefox < 55 - Denial of Service

19.10.2017

Bugtraq

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED] 2017-10-19
FreeBSD Security Advisories (security-advisories freebsd org)

[slackware-security] xorg-server (SSA:2017-291-03) 2017-10-18
Slackware Security Team (security slackware com)

[slackware-security] wpa_supplicant (SSA:2017-291-02) 2017-10-18
Slackware Security Team (security slackware com)

[slackware-security] libXres (SSA:2017-291-01) 2017-10-18
Slackware Security Team (security slackware com)

WebKitGTK+ Security Advisory WSA-2017-0008 2017-10-18
Carlos Alberto Lopez Perez (clopez igalia com)

SEC Consult SA-20171018-1 :: Multiple vulnerabilities in Linksys E-series products 2017-10-18
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

Trojan.Esaprof

Phishing

 

Vulnerability

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91453

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95813

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/70988

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98888

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/65727

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/71072

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/68348

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-10-19
http://www.securityfocus.com/bid/95814

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2017-10-19
http://www.securityfocus.com/bid/69168

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-10-19
http://www.securityfocus.com/bid/98050

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/67121

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2017-10-19
http://www.securityfocus.com/bid/67899

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2017-10-19
http://www.securityfocus.com/bid/89760

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/91869

Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2017-10-19
http://www.securityfocus.com/bid/78215

NTP CVE-2016-7431 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/94454

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-10-19
http://www.securityfocus.com/bid/93150

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101450

Oracle Java SE and JRockit CVE-2017-10356 Local Security Vulnerability
2017-10-19
http://www.securityfocus.com/bid/101413

RSA Archer GRC CMS Multiple Security Vulnerabilities
2017-10-18
http://www.securityfocus.com/bid/101195

Oracle Database Server CVE-2016-3506 Remote Security Vulnerability
2017-10-18
http://www.securityfocus.com/bid/91867

Perl 'perl.c' CVE-2016-2381 Security Bypass Vulnerability
2017-10-18
http://www.securityfocus.com/bid/83802

lcms2 CVE-2016-10165 Out-of-Bounds Read Denial of Service Vulnerability
2017-10-18
http://www.securityfocus.com/bid/95808

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2017-10-18
http://www.securityfocus.com/bid/66397

GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2017-10-18
http://www.securityfocus.com/bid/72325

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/75919

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/93236

Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/95429

Cisco WebEx Meetings Server CVE-2017-12296 Cross Site Scripting Vulnerability
2017-10-18
http://www.securityfocus.com/bid/101489

SANS News

HSBC-themed malspam uses ISO attachments to push Loki Bot malware

Threatpost

FBI Asks Businesses to Share Details About DDoS Attacks

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Exploit

Xen - Unbounded Recursion in Pagetable De-typing

Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities

Linksys E Series - Multiple Vulnerabilities

Wordpress Plugin Car Park Booking - SQL Injection

18.10.2017

Bugtraq

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16
Yves-Alexis Perez (corsac debian org)

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13
swpmb cyber-psrt microfocus com

Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

Malware

 

Phishing

AOL

17th October 2017

Your AOL email will be blocked

Amazon.com

16th October 2017

Your Amazon.com order cannot
be shipped

Vulnerability

lcms2 CVE-2016-10165 Out-of-Bounds Read Denial of Service Vulnerability
2017-10-18
http://www.securityfocus.com/bid/95808

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2017-10-18
http://www.securityfocus.com/bid/66397

GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2017-10-18
http://www.securityfocus.com/bid/72325

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/75919

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/93236

Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
2017-10-18
http://www.securityfocus.com/bid/95429

Oracle Java Advanced Management Console CVE-2017-10380 Remote Security Vulnerability
2017-10-18
http://www.securityfocus.com/bid/101450

Oracle E-Business Suite CVE-2017-10416 Remote Security Vulnerability
2017-10-18
http://www.securityfocus.com/bid/101303

Oracle E-Business Suite CVE-2017-10417 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101308

Oracle E-Business Suite CVE-2017-10329 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101300

Oracle Hospitality Hotel Mobile CVE-2017-10014 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101299

Oracle E-Business Suite CVE-2017-10330 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101298

Oracle Hospitality Hotel Mobile CVE-2017-10353 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101305

Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
2017-10-17
http://www.securityfocus.com/bid/83330

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-10-17
http://www.securityfocus.com/bid/101274

Liblouis CVE-2014-8184 Stack Based Buffer Overflow Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101289

SAP Host Agent CVE-2017-15297 Denial of Service Vulnerability
2017-10-17
http://www.securityfocus.com/bid/99528

Apache Struts Incomplete Fix Remote Code Execution Vulnerability
2017-10-17
http://www.securityfocus.com/bid/91277

SAP Point of Sale (POS) Retail Xpress Server Authentication Bypass Vulnerability
2017-10-17
http://www.securityfocus.com/bid/100713

SAP Customer Relationship Management (CRM) Cross Site Scripting Vulnerability
2017-10-17
http://www.securityfocus.com/bid/99532

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10418 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101462

Oracle Hospitality Suite8 CVE-2017-10419 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101461

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10373 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101460

Oracle Hospitality OPERA 5 Property Services CVE-2017-10197 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101459

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10335 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101458

Oracle Hospitality Suite8 CVE-2017-10389 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101457

Oracle Hospitality Cruise Materials Management CVE-2017-10054 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101456

Oracle PeopleSoft Enterprise PT PeopleTools CVE-2017-10366 Remote Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101455

Oracle Hospitality Suite8 CVE-2017-10317 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101454

Oracle Hospitality Cruise Materials Management CVE-2017-10401 Local Security Vulnerability
2017-10-17
http://www.securityfocus.com/bid/101453

SANS News

 

Threatpost

Oracle Patches 250 Bugs in Quarterly Critical Patch Update

Adobe Patches Flash Zero Day Exploited by Black Oasis APT

Exploit

Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory...

Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback...

Microsoft Edge Chakra - Accesses to Uninitialized Pointers in...

Microsoft Edge Chakra JIT - Incorrect GenerateBailOut Calling Patterns

Microsoft Windows 10 - WLDP/MSHTML CLSID UMCI Bypass

Microsoft Excel - OLE Arbitrary Code Execution

Tomcat - Remote Code Execution via JSP Upload Bypass (Metasploit)

Apple iOS 10.2 (14C92) - Remote Code Execution

Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution

OpenText Documentum Content Server - Arbitrary File Download

OpenText Documentum Content Server - dmr_content Privilege Escalation

OpenText Documentum Content Server - Arbitrary File Download Privilege Escalation

OpenText Documentum Content Server - Privilege Escalation

3CX Phone System 15.5.3554.1 - Directory Traversal

Shadowsocks - Log File Command Execution

shadowsocks-libev 3.1.0 - Command Execution

Linux Kernel - 'AF_PACKET' Use-After-Free

17.10.2017

Bugtraq

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16
Yves-Alexis Perez (corsac debian org)

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13
swpmb cyber-psrt microfocus com

Malware

Ransom.Hermes.B
Exp.CVE-2017-11292

Phishing

Amazon.com

16th October 2017

Your Amazon.com order cannot
be shipped

Vulnerability

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-10-16
http://www.securityfocus.com/bid/101274

Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability
2017-10-16
http://www.securityfocus.com/bid/101286

AlienVault USM CVE-2017-14956 Cross Site Request Forgery Vulnerability
2017-10-16
http://www.securityfocus.com/bid/101284

Fortinet FortiWLC CVE-2017-7335 Multiple Cross Site Scripting Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101287

Fortinet FortiMail CVE-2017-7732 Cross Site Scripting Vulnerability
2017-10-13
http://www.securityfocus.com/bid/101278

Fortinet FortiWLC CVE-2017-7341 OS Command Injection Vulnerability
2017-10-13
http://www.securityfocus.com/bid/101273

HP Connected Backup CVE-2017-14355 Unspecified Local Privilege Escalation Vulnerability
2017-10-13
http://www.securityfocus.com/bid/101270

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101265

MultiFLEX M10a Controller Multiple Security Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101259

SQLite CVE-2017-15286 Denial of Service Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101285

QEMU CVE-2017-15268 Denial of Service Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101277

ImageMagick CVE-2017-15281 Denial of Service Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101276

Atlassian Bamboo CVE-2017-9514 Remote Code Execution Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101269

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101261

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101252

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101250

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101249

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101248

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101059

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101053

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101055

SANS News

Hancitor malspam uses DDE attack

Threatpost

KRACK ATTACK DEVASTATES WI-FI SECURITY

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

Adobe Patches Flash Zero Day Exploited by Black Oasis APT

Exploit

3CX Phone System 15.5.3554.1 - Directory Traversal

Vulnerabilities

Windows x64 - API Hooking Shellcode (117 bytes)

Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution

16.10.2017

Bugtraq

[SECURITY] [DSA 3999-1] wpa security update 2017-10-16
Yves-Alexis Perez (corsac debian org)

SEC Consult SA-20171016-0 :: Multiple vulnerabilities in Micro Focus VisiBroker C++ 2017-10-16
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] MFSBGN03786 rev.1 - HPE Connected Backup, Local Escalation of Privilege 2017-10-13
swpmb cyber-psrt microfocus com

Advisory X41-2017-010: Command Execution in Shadowsocks-libev 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

Advisory X41-2017-008: Multiple Vulnerabilities in Shadowsocks 2017-10-13
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

Malware

Android.Sockbot

Exp.CVE-2017-11762
Exp.CVE-2017-8727

Exp.CVE-2017-11793
Exp.CVE-2017-11798

Exp.CVE-2017-11800

Exp.CVE-2017-11810

Exp.CVE-2017-11822

Phishing

 

Vulnerability

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101265

MultiFLEX M10a Controller Multiple Security Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101259

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101261

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101252

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101250

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101249

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101248

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101059

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101053

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101055

Oniguruma CVE-2017-9227 Out of Bounds Read Memory Corruption Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100538

FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101019

SANS News

WPA2 "KRACK" Attack

Peeking into .msg files

Threatpost

Cyberespionage Group Steps Up Campaigns Against Japanese Firms

Hyatt Hit By Credit Card Breach, Again

Exploit

AlienVault Unified Security Management (USM) 5.4.2 - Cross-Site Request Forgery

Webmin 1.850 - Multiple Vulnerabilities

15.10.2017

Bugtraq

Multiple vulnerabilities in OpenText Documentum Content Server 2017-10-13
Andrey B. Panfilov (andrew panfilov tel)

[SECURITY] [DSA 3995-1] libxfont security update 2017-10-10
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

Chase Online

14th October 2017

Request to update your details
with Chase!

E-mail Administrator

12th October 2017

Avoid account deactivation

Vulnerability

Oracle October 2017 Critical Patch Update Multiple Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101265

MultiFLEX M10a Controller Multiple Security Vulnerabilities
2017-10-13
http://www.securityfocus.com/bid/101259

Apache Solr/Lucene CVE-2017-12629 Information Disclosure and Remote Code Execution Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101261

NXP Semiconductors MQX RTOS ICSA-17-285-04 Buffer Overflow and Denial Of Service Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101252

Wecon LEVI Studio HMI Editor CVE-2017-13999 Multiple Stack Based Buffer Overflow Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101250

Envitech EnviDAS Ultimate CVE-2017-9625 Authentication Bypass Vulnerability
2017-10-12
http://www.securityfocus.com/bid/101249

Multiple Siemens Products Authentication Bypass and Directory Traversal Vulnerabilities
2017-10-12
http://www.securityfocus.com/bid/101248

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101059

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101053

SANS News

 

Threatpost

 

Exploit

Sync Breeze Enterprise 10.1.16 - Buffer Overflow (SEH) (Metasploit)

phpMyFAQ 2.9.8 - Cross-Site Scripting

Dreambox Plugin BouquetEditor - Cross-Site Scripting

TYPO3 Extension Restler 1.7.0 - Local File Disclosure

E-Sic Software livre CMS - Cross Site Scripting

E-Sic Software livre CMS - 'f' Parameter SQL Injection

E-Sic Software livre CMS - 'cpfcnpj' Parameter SQL Injection

E-Sic Software livre CMS - Autentication Bypass

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)

13.10.2017

Bugtraq

[SECURITY] [DSA 3995-1] libxfont security update 2017-10-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3994-1] nautilus security update 2017-10-08
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3993-1] tor security update 2017-10-06
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

E-mail Administrator

12th October 2017

Avoid account deactivation

Auto-Confirm Amazon

12th October 2017

Your Amazon.com
(#204-2683040-3434708)

American Express

11th October 2017

Confirmation of Your Recent
Address Update

DocuSign

11th October 2017

DOCUSIGN NOTIFICATIONS-

Bank of America

10th October 2017

Account Update

Vulnerability

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101059

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101053

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-10-11
http://www.securityfocus.com/bid/101055

Oniguruma CVE-2017-9227 Out of Bounds Read Memory Corruption Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100538

FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101019

FFmpeg 'libavformat/asfdec_f.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100703

FFmpeg CVE-2017-14171 Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100706

FFmpeg 'libavformat/mov.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100701

FFmpeg 'libavutil/pixdesc.c' NULL pointer Dereference Remote Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100704

FFmpeg 'libavformat/mxfdec.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100700

FFmpeg 'libavformat/mxfdec.c' Security Bypass Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100692

FFmpeg 'libavformat/asfdec_f.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100630

FFmpeg 'libavformat/cinedec.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100631

FFmpeg CVE-2017-14055 Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100626

FFmpeg 'libavformat/rmdec.c' Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100627

FFmpeg CVE-2017-14058 Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100629

FFmpeg CVE-2017-14056 Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100628

Linux kernel CVE-2017-14106 Local Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100878

Linux Kernel 'mm/migrate.c' Local Information Disclosure Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100876

Xen CVE-2017-12134 Memory Corruption Vulnerability
2017-10-11
http://www.securityfocus.com/bid/100343

GNU Binutils CVE-2017-14939 Remote Denial of Service Vulnerability
2017-10-11
http://www.securityfocus.com/bid/101216

Wireshark MBIM Dissector 'epan/dissectors/packet-mbim.c' Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101240

Intel Bootgaurd CVE-2017-5722 Local Security Bypass Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101236

Wireshark BT ATT Dissector 'epan/dissectors/packet-btatt.c' Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101235

ImageMagick CVE-2017-15218 Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101233

ImageMagick 'coders/sgi.c' Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101231

Wireshark RTSP Dissector 'epan/dissectors/packet-rtsp.c' Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101229

Wireshark DOCSIS Dissector '/docsis/packet-docsis.c' Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101228

Wireshark DMP Dissector CVE-2017-15191 Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101227

SANS News

Version control tools aren't only for Developers

Threatpost

Locky Gets Updated to ‘Ykcol’, Part of Rapid-Fire Spam Campaigns

Equifax Takes Down Compromised Page Redirecting to Adware Download

Exploit

OctoberCMS 1.0.425 (Build 425) - Cross-Site Scripting

10.10.2017

Bugtraq

 

Malware

 

Phishing

Bank of America

10th October 2017

Account Update

Vulnerability

GNU Binutils CVE-2017-14939 Remote Denial of Service Vulnerability
2017-10-26
http://www.securityfocus.com/bid/101216

SAP NetWeaver Mobile Client Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101218

SAP NetWeaver Mobile Client Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101214

Microsoft Windows CVE-2017-11829 Local Privilege Escalation Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101213

SAP NetWeaver System Landscape Directory Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101211

SAP ERP Remote Authorization Bypass Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101210

SAP Customer Relationship Management (CRM) IC WebClient Unspecified Spoofing Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101209

SAP NetWeaver Instance Agent Service Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101208

SAP Netweaver Web Dynpro ABAP Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101207

SAP Customer Relationship Management Mail Form Editor Cross Site Scripting Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101206

SAP NetWeaver Instance Agent Service Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101205

Microsoft Windows DNSAPI CVE-2017-11779 Remote Code Execution Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101166

Microsoft Windows Subsystem for Linux CVE-2017-8703 Local Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101164

Microsoft Windows Device Guard CVE-2017-8715 Local Security Bypass Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101163

Microsoft Jet Database Engine CVE-2017-8718 Buffer Overflow Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101162

Microsoft Jet Database Engine CVE-2017-8717 Buffer Overflow Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101161

Microsoft Skype for Business CVE-2017-11786 Privilege Escalation Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101156

Microsoft SharePoint Server CVE-2017-11777 Cross Site Scripting Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101155

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101150

Microsoft Windows Kernel CVE-2017-11785 Local Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101149

Microsoft Windows Kernel CVE-2017-11784 Local Information Disclosure Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101147

Microsoft ChakraCore Scripting Engine CVE-2017-11801 Remote Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101146

Microsoft ChakraCore Scripting Engine CVE-2017-11797 Remote Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101145

Microsoft Windows CVE-2017-11783 Local Privilege Escalation Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101144

Microsoft Windows SMB Server CVE-2017-11782 Remote Privilege Escalation Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101143

Microsoft Windows Shell CVE-2017-8727 Remote Code Execution Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101142

Microsoft Internet Explorer CVE-2017-11793 Remote Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101141

Microsoft Windows SMB Server CVE-2017-11781 Denial of Service Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101140

Microsoft Edge Scripting Engine CVE-2017-11812 Remote Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101139

Microsoft Edge Scripting Engine CVE-2017-11811 Remote Memory Corruption Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101138

SANS News

 

Threatpost

FormBook Malware Targets US Defense Contractors, Aerospace and Manufacturing Sectors

NFL Players, Agents Targeted in Database Extortion Attempt

Exploit

IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)

Complain Management System - Hard-Coded Credentials / Blind SQL injection

ClipShare 7.0 - SQL Injection

9.10.2017

Bugtraq

[SECURITY] [DSA 3994-1] nautilus security update 2017-10-08
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3993-1] tor security update 2017-10-06
Moritz Muehlenhoff (jmm debian org)

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06
Slackware Security Team (security slackware com)

Malware

 

Phishing

Chase Bank

8th October 2017

Dear Chase Online Customer:
Important Notification

Vulnerability

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101150

RSA Archer GRC CMS Multiple Security Vulnerabilities
2017-10-09
http://www.securityfocus.com/bid/101195

Ruby CVE-2017-14033 Buffer Underrun Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100868

Ruby CVE-2017-14064 Arbitrary Memory Disclosure Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100890

RubyGems CVE-2017-0899 Security Bypass Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100576

RubyGems CVE-2017-0901 Local Arbitrary File Overwrite Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100580

Ruby CVE-2017-0898 Buffer Underrun Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100862

RubyGems CVE-2017-0900 Denial of Service Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100579

Curl CVE-2017-1000254 Out of Bounds Read Denial of Service Vulnerability
2017-10-09
http://www.securityfocus.com/bid/101115

cURL CVE-2017-1000101 Out of Bounds Read Information Disclosure Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100249

cURL/libcURL CVE-2017-1000100 Heap Based Buffer Overflow Vulnerability
2017-10-09
http://www.securityfocus.com/bid/100286

GNOME Nautilus CVE-2017-14604 Arbitrary Command Execution Vulnerability
2017-10-09
http://www.securityfocus.com/bid/101012

Symantec Endpoint Encryption CVE-2017-13675 Denial-of-Service Vulnerability
2017-10-09
http://www.securityfocus.com/bid/101089

EMC Network Configuration Manager CVE-2017-8017 Cross Site Scripting Vulnerability
2017-10-06
http://www.securityfocus.com/bid/101194

Microsoft Windows WAV File Handling Denial of Service Vulnerability
2017-10-06
http://www.securityfocus.com/bid/101192

Magento CMS Multiple Security Vulnerabilities
2017-10-05
http://www.securityfocus.com/bid/100869

SANS News

A strange JPEG file

Base64 All The Things!

Threatpost

 

Exploit

Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery

PyroBatchFTP 3.17 - Buffer Overflow (SEH)

OrientDB 2.2.2 - 2.2.22 - Remote Code Execution (Metasploit)

Rancher Server - Docker Daemon Code Execution (Metasploit)

Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery

8.10.2017

Bugtraq

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06
Slackware Security Team (security slackware com)

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05
DefenseCode (defensecode defensecode com)

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03
security-alert hpe com

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Malware

Win32/Filecoder.FS

Win32/Ceatrg.A

MSIL/Filecoder.FF

Win32/Delf.TSU

Win32/Spy.Small.NDA

Phishing

 

Vulnerability

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101150

Microsoft Windows WAV File Handling Denial of Service Vulnerability
2017-10-06
http://www.securityfocus.com/bid/101192

Magento CMS Multiple Security Vulnerabilities
2017-10-05
http://www.securityfocus.com/bid/100869

Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability
2017-10-05
http://www.securityfocus.com/bid/70441

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability
2017-10-05
http://www.securityfocus.com/bid/70952

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability
2017-10-05
http://www.securityfocus.com/bid/71047

SANS News

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises

Threatpost

Security Industry Failing to Establish Trust

Exploit

 

6.10.2017

Bugtraq

[slackware-security] xorg-server (SSA:2017-279-03) 2017-10-06
Slackware Security Team (security slackware com)

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05
DefenseCode (defensecode defensecode com)

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03
security-alert hpe com

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Malware

Backdoor.Korplug.E

Phishing

*****THURSDAY*****

5th October 2017

THURSDAY: Your $50 Amazon gift card

office fiel

5th October 2017

Annullato: CONTACT MONEY GRAM FOR YOUR FIRST PAYMENT OF $5000 @ domenica, 01 ottobre 2017

Vulnerability

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101150

Magento CMS Multiple Security Vulnerabilities
2017-10-05
http://www.securityfocus.com/bid/100869

Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability
2017-10-05
http://www.securityfocus.com/bid/70441

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability
2017-10-05
http://www.securityfocus.com/bid/70952

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability
2017-10-05
http://www.securityfocus.com/bid/71047

Adobe Flash Player CVE-2014-8439 Remote Code Execution Vulnerability
2017-10-05
http://www.securityfocus.com/bid/71289

Microsoft Windows CVE-2015-0016 Remote Privilege Escalation Vulnerability
2017-10-05
http://www.securityfocus.com/bid/71965

Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
2017-10-05
http://www.securityfocus.com/bid/72261

Adobe Flash Player CVE-2015-0311 Use After Free Memory Corruption Vulnerability
2017-10-05
http://www.securityfocus.com/bid/72283

Adobe Flash Player CVE-2015-0313 Remote Code Execution Vulnerability
2017-10-05
http://www.securityfocus.com/bid/72429

Adobe Flash Player CVE-2015-0336 Type Confusion Remote Code Execution Vulnerability
2017-10-05
http://www.securityfocus.com/bid/73084

Adobe Flash Player APSB15-06 Multiple Remote Code Execution Vulnerabilities
2017-10-05
http://www.securityfocus.com/bid/74067

Apple macOS CVE-2017-7150 Security Bypass Vulnerability
2017-10-05
http://www.securityfocus.com/bid/101177

GE CIMPLICITY CVE-2017-12732 Stack Based Buffer Overflow Vulnerability
2017-10-05
http://www.securityfocus.com/bid/101174

Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2017-10-04
http://www.securityfocus.com/bid/74490

Adobe Flash Player and AIR Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/74605

Adobe Flash Player and AIR CVE-2015-3104 Remote Integer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75081

Adobe Flash Player and AIR CVE-2015-3105 Unspecified Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75086

Adobe Flash Player CVE-2015-3113 Unspecified Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75371

Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75568

Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75712

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/76194

Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2017-10-04
http://www.securityfocus.com/bid/77081

Ghostscript GhostXPS CVE-2017-9727 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99999

Ghostscript GhostXPS CVE-2017-9726 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99992

Ghostscript GhostXPS CVE-2017-9612 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99979

Ghostscript GhostXPS CVE-2017-9739 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99987

Artifex Ghostscript CVE-2017-9835 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99991

Ghostscript GhostXPS CVE-2017-9611 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99975

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101054

SANS News

 

Threatpost

US Top Law Enforcement Calls Strong Encryption a ‘Serious Problem’

Latin American ATM Thieves Turning to Hacking

Exploit

Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow

Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution

Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution

Unitrends UEB 9.1 - Privilege Escalation

NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution

5.10.2017

Bugtraq

DefenseCode Security Advisory: Magento Commerce CSRF, Stored Cross Site Scripting #1 2017-10-05
DefenseCode (defensecode defensecode com)

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03
security-alert hpe com

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29
Moritz Muehlenhoff (jmm debian org)

Malware

Trojan.Dubki

Trojan.Flusihoc

Ransom.Arena

Phishing

office fiel

5th October 2017

Invito: CONTACT MONEY GRAM FOR YOUR FIRST PAYMENT OF $5000 @ domenica, 01 ottobre 2017

Security Department

4th October 2017

Yahoo Has Been Hacked Again!

Vulnerability

Cisco Spark Messaging Software CVE-2017-12269 HTML Injection Vulnerability
2017-10-10
http://www.securityfocus.com/bid/101150

Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2017-10-04
http://www.securityfocus.com/bid/74490

Adobe Flash Player and AIR Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/74605

Adobe Flash Player and AIR CVE-2015-3104 Remote Integer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75081

Adobe Flash Player and AIR CVE-2015-3105 Unspecified Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75086

Adobe Flash Player CVE-2015-3113 Unspecified Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75371

Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75568

Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/75712

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2017-10-04
http://www.securityfocus.com/bid/76194

Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2017-10-04
http://www.securityfocus.com/bid/77081

Ghostscript GhostXPS CVE-2017-9727 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99999

Ghostscript GhostXPS CVE-2017-9726 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99992

Ghostscript GhostXPS CVE-2017-9612 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99979

Ghostscript GhostXPS CVE-2017-9739 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99987

Artifex Ghostscript CVE-2017-9835 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99991

Ghostscript GhostXPS CVE-2017-9611 Heap Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/99975

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101055

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101053

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101059

OCaml CVE-2015-8869 Multiple Security Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/89318

QEMU Out of Bounds Read and Write Memory Access CVE-2017-14167 Local Integer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100694

QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100540

Qemu CVE-2017-12809 Null Pointer Dereference Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100451

QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/98915

QEMU CVE-2017-13711 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100534

Multiple Cisco Products CVE-2017-12226 Remote Privilege Escalation Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101063

Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/98814

Cisco Meeting App CVE-2017-12266 Local Privilege Escalation Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101158

Cisco AnyConnect Secure Mobility Client CVE-2017-12268 Local Security Bypass Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101157

SANS News

pcap2curl: Turning a pcap file into a set of cURL commands for "replay"

Security Awareness Month: How to Help Friends and Family

Securing "Out of Band" Access

Threatpost

Attackers Redefining Objectives, Approaches

Experts Have Sobering Message on Human Rights, Privacy for Security Pros

Costin Raiu and Juan Andres Guerrero-Saade on APT Fourth-Party Collection

Cloudflare CTO Goes Inside the Cloudbleed Bug

Exploit

ERS Data System 1.8.1 - Java Deserialization

NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution

4.10.2017

Bugtraq

[security bulletin] HPESBHF03776 rev.1 - HPE Intelligent Management Center (iMC) Service Operation Management (SOM), Remote Arbitrary File Download 2017-10-03
security-alert hpe com

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com

Malware

 

Phishing

Amazon Prime Survey

3rd October 2017

, HUGE SAVING AT AMAZON.COM * DETAILS INSIDE

Charles Schwab

3rd October 2017

Urgent! Update your details with Charles Schwab

Vulnerability

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101055

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101053

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/101059

OCaml CVE-2015-8869 Multiple Security Vulnerabilities
2017-10-04
http://www.securityfocus.com/bid/89318

QEMU Out of Bounds Read and Write Memory Access CVE-2017-14167 Local Integer Overflow Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100694

QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100540

Qemu CVE-2017-12809 Null Pointer Dereference Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100451

QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/98915

QEMU CVE-2017-13711 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/100534

Multiple Cisco Products CVE-2017-12226 Remote Privilege Escalation Vulnerability
2017-10-04
http://www.securityfocus.com/bid/101063

Apache Zookeeper CVE-2017-5637 Denial of Service Vulnerability
2017-10-04
http://www.securityfocus.com/bid/98814

Tcpdump CVE-2017-12997 Denial of Service Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100914

Multiple EMC Products CVE-2017-8007 Directory Traversal Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100957

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100918

Samba CVE-2017-12163 Arbitrary File Write Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100925

Zoho Site24x7 Mobile Network Poller SSL Certificate Validation Security Bypass Vulnerability
2017-10-03
http://www.securityfocus.com/bid/101091

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101065

IBM Spectrum Protect CVE-2017-1301 Insecure Temporary File Creation Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101107

Google Android Media Framework Components Multiple Security Vulnerabilities
2017-10-02
http://www.securityfocus.com/bid/101088

Google Android Framework CVE-2017-0806 Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101086

SANS News

 

Threatpost

Five Critical Android Bugs Get Patched in October Update

Google Warns of DoS and RCE Bugs in Dnsmasq

Exploit

ERS Data System 1.8.1 - Java Deserialization

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass /...

EPESI 1.8.2 rev20170830 - Cross-Site Scripting

DiskBoss Enterprise 8.4.16 - Local Buffer Overflow

3.10.2017

Bugtraq

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3986-1] ghostscript security update 2017-09-29
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

AMA

2nd October 2017

AOL Mail: Account

*****CONGRATULATION*****

1st October 2017

TODAY ONLY: Your $50 Amazon gift card

Vulnerability

Tcpdump CVE-2017-12997 Denial of Service Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100914

Multiple EMC Products CVE-2017-8007 Directory Traversal Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100957

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100918

Samba CVE-2017-12163 Arbitrary File Write Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100925

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101065

Google Android Framework CVE-2017-0806 Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101086

Dnsmasq VU#973527 Multiple Security Vulnerabilities
2017-10-02
http://www.securityfocus.com/bid/101085

Multiple Wordpress Plugins PHP Object Injection Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101082

SolarWinds Network Performance Monitor CVE-2017-9537 Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101071

SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability
2017-09-29
http://www.securityfocus.com/bid/101066

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101061

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/78712

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/79705

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities
2017-09-28