Hot News Database
Last updated: 08.10.2016 14:19:38
 

31.5.2017

Bugtraq

DefenseCode ThunderScan SAST Advisory: WordPress Simple Slideshow Manager Plugin Multiple Security Vulnerabilities 2017-05-30
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3867-1] sudo security update 2017-05-30
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3866-1] strongswan security update 2017-05-30
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3865-1] mosquitto security update 2017-05-29
Moritz Muehlenhoff (jmm debian org)

Malware

Backdoor:ASP/Seasharpee.A

Phishing

 

Vulnerability

Apple iOS and Safari Multiple Security Vulnerabilities
2017-05-30
http://www.securityfocus.com/bid/98474

ImageMagick CVE-2017-9142 Local Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98683

ImageMagick CVE-2017-8830 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98687

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98603

ImageMagick CVE-2017-9143 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98682

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98593

ImageMagick CVE-2017-7619 Multiple Denial of Service Vulnerabilities
2017-05-30
http://www.securityfocus.com/bid/98689

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98606

ImageMagick 'coders/rle.c' Remote Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98685

ImageMagick CVE-2017-8765 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98688

ImageMagick CVE-2017-8354 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98374

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98372

ImageMagick 'ept.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98388

ImageMagick 'sfw.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98370

ImageMagick CVE-2017-8351 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98371

ImageMagick CVE-2017-8355 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98380

ImageMagick 'png.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98373

ImageMagick 'pict.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98377

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98378

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98138

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97956

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-8343 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98132

ImageMagick CVE-2017-8346 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98346

ImageMagick CVE-2017-8344 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98136

ImageMagick 'exr.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98363

ImageMagick 'mat.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98364

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97944

RETIRED: IBM Domino CVE-2017-1274 Stack Buffer Overflow Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98019

IBM Domino CVE-2017-1274 Stack Buffer Overflow Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97910

SANS News

Analysis of Competing Hypotheses, WCry and Lazarus (ACH part 2)

Threatpost

FreeRADIUS Update Resolves Authentication Bypass

Exploit

Piwigo Plugin Facetag 0.0.3 - SQL Injection

uc-http Daemon - Local File Inclusion / Directory Traversal

KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting / Remote Code...

30.5.2017

Bugtraq

DefenseCode ThunderScan SAST Advisory: WordPress Simple Slideshow Manager Plugin Multiple Security Vulnerabilities 2017-05-30
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3867-1] sudo security update 2017-05-30
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3866-1] strongswan security update 2017-05-30
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3865-1] mosquitto security update 2017-05-29
Moritz Muehlenhoff (jmm debian org)

Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11 2017-05-28
Florian Bogner (florian bogner sh)

Wordpress Plugin Social-Stream - Exposure of Twitter API Secret Key and Token 2017-05-26
kyle Lovett (krlovett gmail com)

[security bulletin] HPESBHF03730 rev.1 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities 2017-05-26
security-alert hpe com

Malware

 

Phishing

Dropbox

29th May 2017

You Have A New Document

Tesco Bank

28th May 2017

Account Activity Alert

Vulnerability

Apple iOS and Safari Multiple Security Vulnerabilities
2017-05-30
http://www.securityfocus.com/bid/98474

ImageMagick CVE-2017-9142 Local Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98683

ImageMagick CVE-2017-8830 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98687

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98603

ImageMagick CVE-2017-9143 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98682

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98593

ImageMagick CVE-2017-7619 Multiple Denial of Service Vulnerabilities
2017-05-30
http://www.securityfocus.com/bid/98689

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98606

ImageMagick 'coders/rle.c' Remote Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98685

ImageMagick CVE-2017-8765 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98688

ImageMagick CVE-2017-8354 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98374

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98372

ImageMagick 'ept.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98388

ImageMagick 'sfw.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98370

ImageMagick CVE-2017-8351 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98371

ImageMagick CVE-2017-8355 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98380

ImageMagick 'png.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98373

ImageMagick 'pict.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98377

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98378

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98138

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97956

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-8343 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98132

ImageMagick CVE-2017-8346 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98346

ImageMagick CVE-2017-8344 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98136

ImageMagick 'exr.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98363

ImageMagick 'mat.c' Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98364

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97944

RETIRED: IBM Domino CVE-2017-1274 Stack Buffer Overflow Vulnerability
2017-05-30
http://www.securityfocus.com/bid/98019

IBM Domino CVE-2017-1274 Stack Buffer Overflow Vulnerability
2017-05-30
http://www.securityfocus.com/bid/97910

Oracle Java SE and JRockit CVE-2017-3533 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97740

Oracle Java SE CVE-2017-3539 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97752

Oracle Java SE CVE-2017-3509 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97737

Oracle Java SE and JRockit CVE-2017-3544 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97745

Oracle Java SE CVE-2017-3512 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97727

Oracle Java SE CVE-2017-3289 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/95525

Oracle Java SE and JRockit CVE-2017-3526 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97733

Oracle Java SE CVE-2017-3514 Remote Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97729

Oracle Java SE and JRockit CVE-2017-3511 Local Security Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97731

Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97947

Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/94354

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-29
http://www.securityfocus.com/bid/94135

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97234

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/96222

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/94309

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98636

Oracle Solaris CVE-2017-3622 Local Privilege Escalation Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97774

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/94242

Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97778

OpenLDAP 'servers/slapd/back-mdb/search.c' Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98736

ImageMagick CVE-2017-9262 Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98735

FreeRADIUS TLS CVE-2017-9148 Authentication Bypass Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98734

ImageMagick CVE-2017-9261 Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98730

Microsoft Windows NTFS File System Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/98729

ZoneMinder CVE-2016-10203 Cross Site Scripting Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97122

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98325

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98492

Ansible CVE-2017-7466 Incomplete Fix Arbitrary Command Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97595

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94381

Adobe Flash Player CVE-2017-3071 Use After Free Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98347

SANS News

FreeRadius Authentication Bypass

Threatpost

ShadowBrokers Put Price on Monthly Zero Day Leaks

Exploit

Microsoft MsMpEng - Use-After-Free via Saved Callers

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC...

Trend Micro Deep Security version 6.5 - XML External Entity Injection / Local...

Microsoft MsMpEng - Multiple Crashes While Scanning Malformed Files

Samba - is_known_pipename() Arbitrary Module Load (Metasploit)

Octopus Deploy - Authenticated Code Execution (Metasploit)

CERIO DT-100G-N/DT-300N/CW-300N - Multiple Vulnerabilities

uc-http Daemon - Local File Inclusion / Directory Traversal

WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection

29.5.2017

Bugtraq

Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11 2017-05-28
Florian Bogner (florian bogner sh)

Wordpress Plugin Social-Stream - Exposure of Twitter API Secret Key and Token 2017-05-26
kyle Lovett (krlovett gmail com)

[security bulletin] HPESBHF03730 rev.1 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities 2017-05-26
security-alert hpe com

Malware

 

Phishing

Tesco Bank

28th May 2017

Account Activity Alert

Indian

26th May 2017

RECEIPT EMAIL CONFIRMATIONS :
STATEMENT ACCOUNT SUBMITTED TO
RESET YOUR PASSWORD FOR OUR
CLIENT AREA

Vulnerability

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-05-29
http://www.securityfocus.com/bid/94242

Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability
2017-05-29
http://www.securityfocus.com/bid/97778

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98636

ZoneMinder CVE-2016-10203 Cross Site Scripting Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97122

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98325

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98492

Ansible CVE-2017-7466 Incomplete Fix Arbitrary Command Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97595

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94381

Adobe Flash Player CVE-2017-3071 Use After Free Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98347

Adobe Flash Player APSB17-15 Multiple Memory Corruption Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98349

Xen CVE-2017-8905 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98436

Xen CVE-2017-8904 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98428

Xen CVE-2017-8903 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98426

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/94135

Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94354

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97234

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/96222

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94309

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98085

Linux Kernel CVE-2017-8890 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98562

Multiple Puppet Products YAML Deserialization CVE-2017-2295 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98582

ImageMagick 'ept.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98388

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98606

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98378

ImageMagick 'pict.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98377

ImageMagick CVE-2017-8346 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98346

ImageMagick 'png.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98373

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98138

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98372

ImageMagick 'mat.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98364

SANS News

Analysis of Competing Hypotheses (ACH part 1)

Threatpost

Microsoft Quietly Patches Another Critical Malware Protection Engine Flaw

Exploit

CERIO DT-100G-N/DT-300N/CW-300N - Multiple Vulnerabilities

27.5.2017

Bugtraq

Wordpress Plugin Social-Stream - Exposure of Twitter API Secret Key and Token 2017-05-26
kyle Lovett (krlovett gmail com)

[security bulletin] HPESBHF03730 rev.1 - HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities 2017-05-26
security-alert hpe com

[security bulletin] HPESBHF03754 rev.1 - HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor, Remote Access Restriction Bypass 2017-05-26
security-alert hpe com

[security bulletin] HPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and VCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification, Local Denial of Service (DoS) 2017-05-25
security-alert hpe com

[SECURITY] [DSA 3863-1] imagemagick security update 2017-05-25
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPESBHF03746 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-05-25
HPE Product Security Response Team (security-alert hpe com)

WebKitGTK+ Security Advisory WSA-2017-0004 2017-05-25
Carlos Alberto Lopez Perez (clopez igalia com)

[slackware-security] samba (SSA:2017-144-01) 2017-05-24
Slackware Security Team (security slackware com)

Malware

 

Phishing

Indian

26th May 2017

RECEIPT EMAIL CONFIRMATIONS :
STATEMENT ACCOUNT SUBMITTED TO
RESET YOUR PASSWORD FOR OUR
CLIENT AREA

Apple

26th May 2017

Reminder : Apple ID has
temporary locked due
suspicious activity !

Vulnerability

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98636

ZoneMinder CVE-2016-10203 Cross Site Scripting Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97122

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98325

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98492

Ansible CVE-2017-7466 Incomplete Fix Arbitrary Command Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97595

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94381

Adobe Flash Player CVE-2017-3071 Use After Free Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98347

Adobe Flash Player APSB17-15 Multiple Memory Corruption Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98349

Xen CVE-2017-8905 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98436

Xen CVE-2017-8904 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98428

Xen CVE-2017-8903 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98426

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/94135

Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94354

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97234

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/96222

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94309

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98085

Linux Kernel CVE-2017-8890 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98562

Multiple Puppet Products YAML Deserialization CVE-2017-2295 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98582

ImageMagick 'ept.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98388

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98606

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98378

ImageMagick 'pict.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98377

ImageMagick CVE-2017-8346 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98346

ImageMagick 'png.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98373

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98138

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98372

ImageMagick 'mat.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98364

ImageMagick CVE-2017-8354 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98374

ImageMagick 'exr.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98363

SANS News

File2pcap - A new tool for your toolkit!

CyberChef a Must Have Tool in your Tool bag!

Analysis of Competing Hypotheses (ACH part 1)

Threatpost

Rash Of Phishing Attacks Use HTTPS To Con Victims

Pacemaker Ecosystem Fails its Cybersecurity Checkup

Mark Dowd on Exploit Mitigation Development

Exploit

Google Chrome 60.0.3080.5 V8 JavaScript Engine - Out-of-Bounds Write

D-Link DCS Series Cameras - Insecure Crossdomain

QWR-1104 Wireless-N Router - Cross-Site Scripting

Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands

JAD java Decompiler 1.5.8e - Local Buffer Overflow

Sandboxie 5.18 - Local Denial of Service

26.5.2017

Bugtraq

[security bulletin] HPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and VCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification, Local Denial of Service (DoS) 2017-05-25
security-alert hpe com

[SECURITY] [DSA 3863-1] imagemagick security update 2017-05-25
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPESBHF03746 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-05-25
HPE Product Security Response Team (security-alert hpe com)

WebKitGTK+ Security Advisory WSA-2017-0004 2017-05-25
Carlos Alberto Lopez Perez (clopez igalia com)

[slackware-security] samba (SSA:2017-144-01) 2017-05-24
Slackware Security Team (security slackware com)

[security bulletin] HPESBHF03751 rev.1 - HPE Aruba AirWave Glass, Remote Code Execution 2017-05-24
security-alert hpe com

DefenseCode ThunderScan SAST Advisory: WordPress AffiliateWP Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory: WordPress Huge-IT Video Gallery Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

Malware

Ransom.Jaff

Ransom.GlobeImposter

Phishing

Apple

26th May 2017

Reminder : Apple ID has
temporary locked due
suspicious activity !

Vulnerability

ZoneMinder CVE-2016-10203 Cross Site Scripting Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97122

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98325

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98492

Ansible CVE-2017-7466 Incomplete Fix Arbitrary Command Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97595

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94381

Adobe Flash Player CVE-2017-3071 Use After Free Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98347

Adobe Flash Player APSB17-15 Multiple Memory Corruption Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98349

Xen CVE-2017-8905 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98436

Xen CVE-2017-8904 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98428

Xen CVE-2017-8903 Arbitrary Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98426

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/94135

Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94354

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97234

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/96222

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94309

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/98085

Linux Kernel CVE-2017-8890 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98562

Multiple Puppet Products YAML Deserialization CVE-2017-2295 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98582

ImageMagick 'ept.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98388

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98606

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98378

ImageMagick 'pict.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98377

ImageMagick CVE-2017-8346 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98346

ImageMagick 'png.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98373

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98138

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98372

ImageMagick 'mat.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98364

ImageMagick CVE-2017-8354 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98374

ImageMagick 'exr.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98363

ImageMagick 'sfw.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98370

ImageMagick CVE-2017-8343 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98132

ImageMagick CVE-2017-8355 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98380

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98603

ImageMagick CVE-2017-8344 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98136

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97944

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98593

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97956

ImageMagick CVE-2017-8351 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98371

Mozilla Firefox Multiple Security Vulnerabilities
2017-05-26
http://www.securityfocus.com/bid/97940

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-05-26
http://www.securityfocus.com/bid/98050

Apache Tomcat CVE-2017-5651 Information Disclosure Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97544

Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83330

Apache Tomcat CVE-2015-5345 Directory Traversal Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83328

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/91453

Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83327

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
2017-05-26
http://www.securityfocus.com/bid/94828

Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
2017-05-26
http://www.securityfocus.com/bid/93263

Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83326

Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83323

Apache Tomcat CVE-2017-5650 Denial of Service Vulnerability
2017-05-26
http://www.securityfocus.com/bid/97531

Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83329

Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
2017-05-26
http://www.securityfocus.com/bid/83324

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-05-26
http://www.securityfocus.com/bid/96729

Linux Kernel 'EXT4 image' Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94354

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98636

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/96222

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97234

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94309

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/94135

Ghostscript CVE-2017-5951 Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98665

Ghostscript CVE-2017-8291 Multiple Remote Code Execution Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/98476

Ghostscript CVE-2016-9601 Local Integer Overflow Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97095

Ghostscript CVE-2017-7207 Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/96995

Linux Kernel CVE-2017-7184 Local Privilege Escalation Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97018

Linux Kernel 'sound/core/pcm_lib.c' Local Use After Free Memory Corruption Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94654

OpenSSL CVE-2016-7056 Local Information Disclosure Vulnerability
2017-05-25
http://www.securityfocus.com/bid/95375

giflib 'util/giffix.c' Heap Based Buffer Overflow Vulnerability
2017-05-25
http://www.securityfocus.com/bid/81697

Cisco TelePresence IX5000 Series CVE-2017-6652 Directory Traversal Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98519

Linux Kernel CVE-2017-7294 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97177

SANS News

 

Threatpost

WannaCry Ransom Note Written by Chinese, English Speaking Authors

Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data

Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub

Exploit

 

25.5.2017

Bugtraq

[security bulletin] HPESBHF03746 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-05-25
HPE Product Security Response Team (security-alert hpe com)

WebKitGTK+ Security Advisory WSA-2017-0004 2017-05-25
Carlos Alberto Lopez Perez (clopez igalia com)

[slackware-security] samba (SSA:2017-144-01) 2017-05-24
Slackware Security Team (security slackware com)

[security bulletin] HPESBHF03751 rev.1 - HPE Aruba AirWave Glass, Remote Code Execution 2017-05-24
security-alert hpe com

DefenseCode ThunderScan SAST Advisory: WordPress AffiliateWP Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory: WordPress Huge-IT Video Gallery Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability 2017-05-24
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3861-1] libtasn1-6 security update 2017-05-24
Sebastien Delafond (seb debian org)

Secunia Research: Microsoft Windows Heap-based Buffer Overflow Vulnerabilities 2017-05-23
Secunia Research (remove-vuln secunia com)

Malware

W32.Styes

Phishing

 

Vulnerability

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98636

Linux Kernel 'net/sctp/socket.c' Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/96222

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97234

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94309

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/94135

Ghostscript CVE-2017-5951 Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98665

Ghostscript CVE-2017-8291 Multiple Remote Code Execution Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/98476

Ghostscript CVE-2016-9601 Local Integer Overflow Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97095

Ghostscript CVE-2017-7207 Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/96995

Linux Kernel CVE-2017-7184 Local Privilege Escalation Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97018

Linux Kernel 'sound/core/pcm_lib.c' Local Use After Free Memory Corruption Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94654

OpenSSL CVE-2016-7056 Local Information Disclosure Vulnerability
2017-05-25
http://www.securityfocus.com/bid/95375

giflib 'util/giffix.c' Heap Based Buffer Overflow Vulnerability
2017-05-25
http://www.securityfocus.com/bid/81697

Cisco TelePresence IX5000 Series CVE-2017-6652 Directory Traversal Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98519

Linux Kernel CVE-2017-7294 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97177

Linux Kernel CVE-2017-7261 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97096

Linux Kernel CVE-2017-7616 Multiple Local Information Disclosure Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/97527

Linux Kernel CVE-2017-7187 Local Denial of Service Vulnerability
2017-05-25
http://www.securityfocus.com/bid/96989

Oracle Java SE and JRockit CVE-2017-3511 Local Security Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97731

Oracle Java SE and JRockit CVE-2017-3533 Remote Security Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97740

IBM Java SDK CVE-2017-1289 XML External Entity Injection Vulnerability
2017-05-25
http://www.securityfocus.com/bid/98401

Oracle Java SE and JRockit CVE-2017-3544 Remote Security Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97745

zlib Multiple Denial of Service Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/95131

Oracle Java SE CVE-2017-3539 Remote Security Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97752

Oracle Java SE CVE-2017-3509 Remote Security Vulnerability
2017-05-25
http://www.securityfocus.com/bid/97737

Resteasy CVE-2016-9606 Remote Code Execution Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94940

GNU Bash CVE-2016-9401 Local Security Bypass Vulnerability
2017-05-25
http://www.securityfocus.com/bid/94398

GNU Bash CVE-2016-7543 Local Command Execution Vulnerability
2017-05-25
http://www.securityfocus.com/bid/93183

GNU Bash CVE-2016-0634 Local Code Execution Vulnerability
2017-05-25
http://www.securityfocus.com/bid/92999

GNU Bash CVE-2017-5932 Multiple Arbitrary Code Execution Vulnerabilities
2017-05-25
http://www.securityfocus.com/bid/96136

collectd CVE-2017-7401 Multiple Denial of Service Vulnerabilities
2017-05-24
http://www.securityfocus.com/bid/97321

cURL/libcURL CVE-2016-8624 Remote Security Bypass Vulnerability
2017-05-24
http://www.securityfocus.com/bid/94103

cURL/libcURL CVE-2016-8621 Information Disclosure Vulnerability
2017-05-24
http://www.securityfocus.com/bid/94101

ICU CVE-2017-7867 Multiple Heap Buffer Overflow Vulnerabilities
2017-05-24
http://www.securityfocus.com/bid/97672

ISC BIND CVE-2017-3136 Remote Denial of Service Vulnerability
2017-05-24
http://www.securityfocus.com/bid/97653

ISC BIND CVE-2017-3137 Remote Denial of Service Vulnerability
2017-05-24
http://www.securityfocus.com/bid/97651

Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
2017-05-24
http://www.securityfocus.com/bid/97836

Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability
2017-05-24
http://www.securityfocus.com/bid/97530

Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
2017-05-24
http://www.securityfocus.com/bid/94828

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-05-24
http://www.securityfocus.com/bid/97784

Multiple BlackBerry Products CVE-2017-3894 HTML Injection Vulnerability
2017-05-24
http://www.securityfocus.com/bid/98552

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-24
http://www.securityfocus.com/bid/98325

HP Aruba AirWave Glass CVE-2017-8946 Unspecified Remote Code Execution Vulnerability
2017-05-24
http://www.securityfocus.com/bid/98644

VLAN VLC CVE-2017-8310 Denial of Service Vulnerability
2017-05-24
http://www.securityfocus.com/bid/98638

Samba CVE-2017-7494 Remote Code Execution Vulnerability
2017-05-24
http://www.securityfocus.com/bid/98636

SAP HANA Multiple Security Vulnerabilities
2017-05-23
http://www.securityfocus.com/bid/96206

SAP Netweaver Visual Composer XML External Entity Information Disclosure Vulnerability
2017-05-23
http://www.securityfocus.com/bid/96204

OneThird CMS CVE-2017-2124 Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98604

elfutils CVE-2017-7608 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98609

elfutils CVE-2017-7607 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98608

LibRaw CVE-2017-6886 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98605

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98606

WordPress WP Statistics Plugin CVE-2017-2135 Unspecified Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98610

SANS News

Critical Vulnerability in Samba from 3.5.0 onwards

Threatpost

Malware Network Communication Provides Better Early Warning Signal

Twitter Flaw Could Have Allowed Attacker to Tweet From Any Account

Android Overlay and Accessibility Features Leave Millions at Risk

Password Breaches Fueling Booming Credential Stuffing Business

Exploit

Apple WebKit / Safari 10.0.3(12602.4.8) - 'WebCore::FrameView::scheduleRelayout'...

Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine

Mozilla Firefox < 53 - 'gfxTextRun' Out-of-Bounds Read

Mozilla Firefox < 53 - 'ConvolvePixel' Memory Disclosure

Apple WebKit / Safari 10.0.3(12602.4.8) - 'Editor::Command::execute' Universal Cross-Site...

WebKit - 'ContainerNode::parserRemoveChild' Universal Cross-Site Scripting

WebKit - 'ContainerNode::parserInsertBefore' Universal Cross-Site Scripting

WebKit - enqueuePageshowEvent and enqueuePopstateEvent Universal Cross-Site Scripting

WebKit - Stealing Variables via Page Navigation in FrameLoader::clear

Apple Safari 10.0.3(12602.4.8) / WebKit - 'HTMLObjectElement::updateWidget' Universal...

NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion

Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow

Samba 3.5.0 - Remote Code Execution

24.5.2017

Bugtraq

Secunia Research: Microsoft Windows Heap-based Buffer Overflow Vulnerabilities 2017-05-23
Secunia Research (remove-vuln secunia com)

HPESBHF03744 rev.1 - HPE Intelligent Management Center (iMC) PLAT running OpenSSL, Remote Denial of Service (DoS) 2017-05-22
HPE Product Security Response Team (security-alert hpe com)

CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection 2017-05-22
apparitionsec gmail com (hyp3rlinx)

May 2017 - SourceTree - Critical Security Advisory 2017-05-22
Atlassian (security atlassian com)

Malware

Ransom:Win32/WannaCrypt
Ransom:Win32/Tescrypt.T

Phishing

*****THANK YOU*****

23rd May 2017

MONDAY: Your $50 Amazon gift card

Amazon.com

23rd May 2017

Amazon.com - Your Cancellation
166-193417-3158469

Vulnerability

SAP HANA Multiple Security Vulnerabilities
2017-05-23
http://www.securityfocus.com/bid/96206

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98325

SAP Netweaver Visual Composer XML External Entity Information Disclosure Vulnerability
2017-05-23
http://www.securityfocus.com/bid/96204

OneThird CMS CVE-2017-2124 Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98604

elfutils CVE-2017-7608 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98609

elfutils CVE-2017-7607 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98608

LibRaw CVE-2017-6886 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98605

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98606

WordPress WP Statistics Plugin CVE-2017-2135 Unspecified Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98610

GNU Binutils CVE-2017-9041 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98598

Foreman CVE-2017-7505 Remote Privilege Escalation Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98607

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98603

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98601

OpenSSL CVE-2016-7053 NULL Pointer Dereference Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94244

OpenSSL CVE-2016-7054 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94238

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94242

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98599

Linux kernel CVE-2017-9075 Local Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98597

Ghostscript CVE-2017-8908 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98427

PHP 'Zend/zend_variables.h' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98596

Red Hat Jboss Application Server CVE-2017-7504 Remote Code Execution Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98595

LibTIFF 'tif_dir.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98594

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98593

LibRaw CVE-2017-6887 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98592

Linux kernel CVE-2017-9076 Local Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98586

Apple iOS/macOS/WatchOS/tvOS CVE-2017-2522 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98588

GNU Binutils CVE-2017-9038 Multiple Denial of Service Vulnerabilities
2017-05-23
http://www.securityfocus.com/bid/98589

Samba CVE-2016-2126 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94994

Samba CVE-2017-2619 Symlink Vulnerability
2017-05-23
http://www.securityfocus.com/bid/97033

Samba CVE-2016-2125 User Impersonation Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94988

SANS News

Jaff ransomware gets a makeover

Threatpost

Yahoo Retires ImageMagick After Bugs Leak Server Memory

Google Elevates Security in Android O

Exploit

Apple iOS/macOS - Memory Corruption Due to Bad Bounds Checking in NSCharacterSet Coding...

Apple iOS/macOS - NSUnarchiver Heap Corruption Due to Lack of Bounds Checking in...

Apple iOS/macOS - NSKeyedArchiver Heap Corruption Due to Rounding Error in...

Apple iOS/macOS - NSKeyedArchiver Memory Corruption Due to Lack of Bounds Checking in...

Apple iOS/macOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket File...

Apple iOS/macOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent...

Apple macOS - Local Privilege Escalation Due to Lack of Bounds Checking in HIServices...

VX Search Enterprise 9.5.12 - GET Buffer Overflow (Metasploit)

KDE 4/5 - 'KAuth' Privilege Escalation

23.5.2017

Bugtraq

Secunia Research: Microsoft Windows Heap-based Buffer Overflow Vulnerabilities 2017-05-23
Secunia Research (remove-vuln secunia com)

HPESBHF03744 rev.1 - HPE Intelligent Management Center (iMC) PLAT running OpenSSL, Remote Denial of Service (DoS) 2017-05-22
HPE Product Security Response Team (security-alert hpe com)

CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection 2017-05-22
apparitionsec gmail com (hyp3rlinx)

May 2017 - SourceTree - Critical Security Advisory 2017-05-22
Atlassian (security atlassian com)

CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-20
apparitionsec gmail com (hyp3rlinx)

[SECURITY] [DSA 3858-1] openjdk-7 security update 2017-05-19
Moritz Muehlenhoff (jmm debian org)

[SECURITY] CVE-2017-5657: Apache Archiva CSRF vulnerability for REST endpoints 2017-05-19
Martin (martin_s apache org)

Malware

 

Phishing

Amazon.com

23rd May 2017

Amazon.com - Your Cancellation
166-193417-3158469

Vulnerability

OneThird CMS CVE-2017-2124 Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98604

elfutils CVE-2017-7608 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98609

elfutils CVE-2017-7607 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98608

LibRaw CVE-2017-6886 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98605

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98606

WordPress WP Statistics Plugin CVE-2017-2135 Unspecified Cross Site Scripting Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98610

GNU Binutils CVE-2017-9041 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98598

Foreman CVE-2017-7505 Remote Privilege Escalation Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98607

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98603

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98601

OpenSSL CVE-2016-7053 NULL Pointer Dereference Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94244

OpenSSL CVE-2016-7054 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94238

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94242

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98599

Linux kernel CVE-2017-9075 Local Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98597

Ghostscript CVE-2017-8908 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98427

PHP 'Zend/zend_variables.h' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98596

Red Hat Jboss Application Server CVE-2017-7504 Remote Code Execution Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98595

LibTIFF 'tif_dir.c' Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98594

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98593

LibRaw CVE-2017-6887 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98592

Linux kernel CVE-2017-9076 Local Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98586

Apple iOS/macOS/WatchOS/tvOS CVE-2017-2522 Memory Corruption Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98588

GNU Binutils CVE-2017-9038 Multiple Denial of Service Vulnerabilities
2017-05-23
http://www.securityfocus.com/bid/98589

Samba CVE-2016-2126 Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94994

Samba CVE-2017-2619 Symlink Vulnerability
2017-05-23
http://www.securityfocus.com/bid/97033

Samba CVE-2016-2125 User Impersonation Vulnerability
2017-05-23
http://www.securityfocus.com/bid/94988

GNU Binutils CVE-2017-9043 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98591

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98325

SAP Business One for Android CVE-2016-6256 XML External Entity Injection Vulnerability
2017-05-23
http://www.securityfocus.com/bid/98590

Samba CVE-2016-2126 Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/94994

Samba CVE-2017-2619 Symlink Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97033

Samba CVE-2016-2125 User Impersonation Vulnerability
2017-05-22
http://www.securityfocus.com/bid/94988

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98325

KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98412

Oracle Java SE and JRockit CVE-2017-3533 Remote Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97740

Oracle Java SE CVE-2017-3539 Remote Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97752

Oracle Java SE and JRockit CVE-2017-3544 Remote Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97745

Oracle Java SE and JRockit CVE-2017-3526 Remote Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97733

Oracle Java SE CVE-2017-3509 Remote Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97737

Oracle Java SE and JRockit CVE-2017-3511 Local Security Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97731

Juniper Junos CVE-2017-2312 Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/97611

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2017-05-22
http://www.securityfocus.com/bid/71936

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/93150

Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
2017-05-22
http://www.securityfocus.com/bid/52159

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2017-05-22
http://www.securityfocus.com/bid/61939

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-05-22
http://www.securityfocus.com/bid/98468

Foreman CVE-2017-7505 Remote Privilege Escalation Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98607

ImageMagick 'MagickCore/profile.c' Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98606

ImageMagick 'coders/rle.c' Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98603

LibTIFF 'tif_dir.c' Denial of Service Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98594

ImageMagick CVE-2017-9098 Local Information Disclosure Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98593

Apple iOS/macOS/WatchOS/tvOS CVE-2017-2523 Memory Corruption Vulnerability
2017-05-22
http://www.securityfocus.com/bid/98584

PHP 'Zend/zend_variables.h' Denial of Service Vulnerability
2017-05-21
http://www.securityfocus.com/bid/98596

LibTIFF CVE-2017-9117 Heap Based Buffer Overflow Vulnerability
2017-05-21
http://www.securityfocus.com/bid/98581

SAP Business One for Android CVE-2016-6256 XML External Entity Injection Vulnerability
2017-05-20
http://www.securityfocus.com/bid/98590

Linux Kernel 'net/core/sock.c' Multiple Local Memory Corruption Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/94655

Linux Kernel CVE-2017-6348 Local Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96483

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/75157

Linux Kernel 'net/x25/x25_facilities.c' Local Information Disclosure Vulnerability
2017-05-19
http://www.securityfocus.com/bid/90528

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2017-05-19
http://www.securityfocus.com/bid/58796

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/75161

Linux kernel 'ip_sockglue.c' Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96233

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97784

Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97836

SANS News

Investigating Sites After They are Gone; And a Case of Uber Phishing With SSL

What did we Learn from WannaCry? - Oh Wait, We Already Knew That!

Threatpost

Jaya Baloo on WannaCry and Defending Against Advanced Attacks

Verizon Patches XSS Issues in its Messaging Client

Trump’s Cybersecurity Boss Talks Priorities

Exploit

Apple macOS - '32-bit syscall exit' Kernel Register Leak

Apple macOS - 'stackshot' Raw Frame Pointers

Linux Kernel 4.11 - eBPF Verifier Log Leaks Lower Half of map Pointer

Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)

VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege...

22.5.2017

Bugtraq

CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Pegasus "winpm-32.exe" v4.72 Mailto: Link Remote Code Execution 2017-05-22
apparitionsec gmail com (hyp3rlinx)

CVE-2017-9046 Mantis Bug Tracker 1.3.10 / v2.3.0 CSRF Permalink Injection 2017-05-22
apparitionsec gmail com (hyp3rlinx)

May 2017 - SourceTree - Critical Security Advisory 2017-05-22
Atlassian (security atlassian com)

CVE-2017-9024 Secure Auditor - v3.0 Directory Traversal 2017-05-20
apparitionsec gmail com (hyp3rlinx)

[SECURITY] [DSA 3858-1] openjdk-7 security update 2017-05-19
Moritz Muehlenhoff (jmm debian org)

[SECURITY] CVE-2017-5657: Apache Archiva CSRF vulnerability for REST endpoints 2017-05-19
Martin (martin_s apache org)

Malware

 

Phishing

 

Vulnerability

SANS News

 

Threatpost

 

Exploit

Secure Auditor 3.0 - Directory Traversal

KMCIS CaseAware - Cross-Site Scripting

Mantis Bug Tracker 1.3.10/2.3.0 - Cross-Site Request Forgery

Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)

PlaySMs 1.4 - 'import.php' Remote Code Execution

21.5.2017

Bugtraq

[SECURITY] [DSA 3853-1] bitlbee security update 2017-05-15
Sebastien Delafond (seb untangle com)

Secunia Research: LibRaw "parse_tiff_ifd()" Memory Corruption Vulnerability 2017-05-15
Secunia Research (remove-vuln secunia com)

PingID (MFA) - Reflected Cross-Site Scripting 2017-05-17
Advisories (advisories compass-security com)

[slackware-security] kdelibs (SSA:2017-136-02) 2017-05-16
Slackware Security Team (security slackware com)

[security bulletin] HPESBGN03748 rev.1 - HPE Cloud Optimizer, Remote Disclosure of Information 2017-05-18
security-alert hpe com

[SECURITY] [DSA 3856-1] deluge security update 2017-05-18
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

 

Vulnerability

Linux Kernel 'net/core/sock.c' Multiple Local Memory Corruption Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/94655

Linux Kernel CVE-2017-6348 Local Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96483

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/75157

Linux Kernel 'net/x25/x25_facilities.c' Local Information Disclosure Vulnerability
2017-05-19
http://www.securityfocus.com/bid/90528

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2017-05-19
http://www.securityfocus.com/bid/58796

OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/75161

Linux kernel 'ip_sockglue.c' Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96233

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97784

Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97836

Deluge CVE-2017-7178 Cross Site Request Forgery Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97041

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3548 Remote Security Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97880

Cisco Aironet Access Points CVE-2017-3873 Arbitrary Code Execution Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98296

JasPer 'jpc_pi_nextcprl()' Function Local Integer Overflow Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97584

JasPer CVE-2016-9591 Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/94952

JasPer 'jpc_dec.c' Null Pointer Dereference Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/95864

Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability
2017-05-19
http://www.securityfocus.com/bid/94428

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/94583

JasPer 'jpc_dec.c' Remote Heap Buffer Overflow Vulnerability
2017-05-19
http://www.securityfocus.com/bid/93838

JasPer CVE-2016-8691 Divide By Zero Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/93593

JasPer CVE-2016-8692 Divide By Zero Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/93588

JasPer CVE-2016-8693 Double Free Remote Code Execution Vulnerability
2017-05-19
http://www.securityfocus.com/bid/93587

JasPer CVE-2016-1867 Out of Bound Read Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/81488

JasPer 'jas_seq.c' Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/83108

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96704

Google Android Qualcomm Components CVE-2014-9925 Unspecified Security Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/98227

RedHat JBoss Enterprise Application Platform XML External Entity Injection Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98450

WordPress Prior to 4.7.5 Multiple Security Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/98509

IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96540

infinispan CVE-2017-2638 Authentication Bypass Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97964

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/92037

SANS News

Typosquatting: Awareness and Hunting

Threatpost

Available Tools Making Dent in WannaCry Encryption

Terror Exploit Kit Evolves Into Larger Threat

Exploit

Joomla 3.7.0 - 'com_fields' SQL Injection

Oracle PeopleSoft - Server-Side Request Forgery

Belden Garrettcom 6K/10K Switches - Authentication Bypass / Memory Corruption

SAP Business One for Android 1.2.3 - XML External Entity Injection

ManageEngine ServiceDesk Plus 9.0 - Authentication Bypass

PlaySMS 1.4 - Remote Code Execution

D-Link DIR-600M Wireless N 150 - Authentication Bypass

19.5.2017

Bugtraq

[security bulletin] HPESBGN03748 rev.1 - HPE Cloud Optimizer, Remote Disclosure of Information 2017-05-18
security-alert hpe com

[SECURITY] [DSA 3856-1] deluge security update 2017-05-18
Moritz Muehlenhoff (jmm debian org)

Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages 2017-05-15
Manuel Mancera (sinkmanu gmail com)

APPLE-SA-2017-05-15-6 iTunes 12.6.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-05-15-4 watchOS 3.2.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)

Malware

Ransom:Win32/WannaCrypt

Trojan:Win32/Adylkuzz.B

Phishing

 

Vulnerability

Google Android Qualcomm Components CVE-2014-9925 Unspecified Security Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/98227

RedHat JBoss Enterprise Application Platform XML External Entity Injection Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98450

WordPress Prior to 4.7.5 Multiple Security Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/98509

IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96540

infinispan CVE-2017-2638 Authentication Bypass Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97964

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/92037

ISC BIND CVE-2016-6170 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/91611

Miele Professional PG85 Series CVE-2017-7240 Directory Traversal Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97080

Apple iOS APPLE-SA-2017-05-15-2 Security Bypass and Denial of Service Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/98479

Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97234

Linux Kernel CVE-2017-7294 Local Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97177

ISC BIND CVE-2017-3136 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97653

ISC BIND CVE-2017-3137 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97651

ICU CVE-2017-7868 Multiple Heap Buffer Overflow Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/97674

ICU CVE-2017-7867 Multiple Heap Buffer Overflow Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/97672

Linux Kernel CVE-2017-2636 Local Privilege Escalation Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96732

LibreOffice CVE-2017-3157 Local Information Disclosure Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96402

PostgreSQL CVE-2016-5423 NULL Pointer Dereference Remote Code Execution Vulnerability
2017-05-19
http://www.securityfocus.com/bid/92433

PostgreSQL CVE-2016-5424 Multiple Local Privilege Escalation Vulnerabilities
2017-05-19
http://www.securityfocus.com/bid/92435

QEMU CVE-2016-9603 Heap Buffer Overflow Vulnerability
2017-05-19
http://www.securityfocus.com/bid/96893

Linux Kernel CVE-2016-8645 Local Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/94264

ISC BIND CVE-2017-3138 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/97657

Squirrelmail CVE-2017-7692 Command Injection Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98067

Git CVE-2017-8386 Security Bypass Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98409

PostgreSQL CVE-2017-7484 Information Disclosure Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98459

PostgreSQL CVE-2017-7486 Information Disclosure Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98460

PostgreSQL CVE-2017-7485 Man in the Middle Security Bypass Vulnerability
2017-05-19
http://www.securityfocus.com/bid/98461

RTMPDump NULL pointer Dereference Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/95123

RTMPDump NULL pointer Dereference CVE-2015-8270 Remote Denial of Service Vulnerability
2017-05-19
http://www.securityfocus.com/bid/95126

RTMPDump CVE-2015-8271 Remote Code Execution Vulnerability
2017-05-19
http://www.securityfocus.com/bid/95125

SANS News

 

Threatpost

WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program

PATCH Act Calls for VEP Review Board

Exploit

Microsoft Windows 8/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execution...

Microsoft Windows 7/2008 R2 (x64) - 'EternalBlue' SMB Remote Code Execution...

Joomla 3.7.0 - 'com_fields' SQL Injection

18.5.2017

Bugtraq

Nextcloud/Owncloud - Reflected Cross Site Scripting in error pages 2017-05-15
Manuel Mancera (sinkmanu gmail com)

APPLE-SA-2017-05-15-6 iTunes 12.6.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-05-15-4 watchOS 3.2.1 2017-05-15
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPESBHF03745 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-05-14
security-alert hpe com

Secunia Research: FLAC "read_metadata_vorbiscomment_()" Memory Leak Denial of Service Vulnerability 2017-05-15
Secunia Research (remove-vuln secunia com)

DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities 2017-05-11
DefenseCode (defensecode defensecode com)

SEC Consult SA-20170511-0 :: Stack-based buffer overflow vulnerability in Guidance Software EnCase Forensic Imager 2017-05-11
SEC Consult Vulnerability Lab (research sec-consult com)

DefenseCode WebScanner DAST Advisory: WordPress User Access Manager Plugin Security Vulnerability 2017-05-11
DefenseCode (defensecode defensecode com)

DefenseCode ThunderScan SAST Advisory: WordPress Tracking Code Manager Plugin Multiple Security Vulnerabilities 2017-05-11
DefenseCode (defensecode defensecode com)

Malware

Trojan.Adylkuzz

Hacktool.Seasharpee

MonitoringTool:Win32/MicTrayDebugger

Ransom:Win32/Uiwix.A!rsm

Phishing

Bradley Groholski

17th May 2017

MICROSORT UPDATE

Chase

17th May 2017

CHASE ONLINE CONFIRMATION ALERT

spoof

15th May 2017

Thank you!

USAA Online

15th May 2017

Important Information

Vulnerability

SANS News

My Little CVE Bot

Threatpost

APT3 Linked to Chinese Ministry of State Security

Exploit

Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege...

Windows x32 / Windows x64 - cmd.exe Shellcode (718 bytes)

Apple iOS < 10.3.2 - Notifications API Denial of Service

Microsoft Windows - Running Object Table Register ROTFLAGS_ALLOWANYCLIENT Privilege...

Mozilla Firefox 50 - 55 - Stack Overflow Denial of Service

INFOR EAM 11.0 Build 201410 - 'filtervalue' SQL Injection

INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields

Oracle PeopleSoft - XML External Entity to SYSTEM Remote Code Execution

BuilderEngine 3.5.0 - Arbitrary File Upload and Execution (Metasploit)

WordPress PHPMailer 4.6 - Host Header Command Injection (Metasploit)

Serviio Media Server - checkStreamUrl Command Execution (Metasploit)

Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit)

17.5.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

SANS News

 

Threatpost

Chrome Browser Hack Opens Door to Credential Theft

WannaCry Shares Code with Lazarus APT Samples

Apple Patches Pwn2Own Vulnerabilities in Safari, macOS, iOS

DocuSign Phishing Campaign Includes Hancitor Downloader

Exploit

 

16.5.2017

Bugtraq

 

Malware

Ransom:Win32/WannaCrypt 

Phishing

spoof

15th May 2017

Thank you!

USAA Online

15th May 2017

Important Information

Vulnerability

SANS News

WannaCry? Do your own data analysis.

Threatpost

OpenVPN Audits Yield Mixed Bag

WikiLeaks Reveals Two CIA Malware Frameworks

ShadowBrokers Planning Monthly Exploit, Data Dump Service

Exploit

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of...

Microsoft Windows 10 Kernel - nt!NtTraceControl (EtwpSetProviderTraits) Pool Memory...

Microsoft Windows 7 Kernel - 'win32k!xxxClientLpkDrawTextEx' Stack Memory Disclosure

Microsoft Windows 7 Kernel - Pool-Based Out-of-Bounds Reads Due to bind()...

Quest Privilege Manager - pmmasterd Buffer Overflow (Metasploit)

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 - Multiple...

Sophos Web Appliance 4.3.1.1 - Session Fixation

15.5.2017

Bugtraq

 

Malware

Ransom:Win32/WannaCrypt

Phishing

 

Vulnerability

2017-7213
2017-7487
2017-8928
2017-8929
2017-8930

SANS News

WannaCry/WannaCrypt Ransomware Summary

Threatpost

Matthew Hickey on WannaCry Ransomware Outbreak

Exploit

PlaySms 1.4 - Remote Code Execution

Mailcow 0.14 - Cross-Site Request Forgery

Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH)

Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH)

14.5.2017

Bugtraq

 

Malware

Ransom:Win32/WannaCrypt
Trojan:Win32/Mulrolu.A!cl
Program:Win32/Vigram.A

Phishing

 

Vulnerability

 

SANS News

Massive wave of ransomware ongoing

Microsoft Released Guidance for WannaCrypt

Threatpost

New Jaff Ransomware Part Of Active Necurs Spam Blitz

Exploit

Vanilla Forums < 2.3 - Remote Code Execution

CMS Made Simple 2.1.6 - Multiple Vulnerabilities

Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP...

Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege...

12.5.2017

Bugtraq

 

Malware

Exp.CVE-2017-0262

Trojan.Boyapki

Trojan.Halabake

Phishing

 

Vulnerability

 

SANS News

When Bad Guys are Pwning Bad Guys...

Threatpost

Microsoft’s New Security Update Guides Get Mixed Reviews

Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

Trump Signs Cybersecurity Executive Order

Anti Public Combo List Analysis Reveals Password Habits Improving

Exploit

Linux Kernel 4.8.0 (Ubuntu) - Packet Socket Local Privilege Escalation

OpenVPN 2.4.0 - Unauthenticated Denial of Service

Vanilla Forums < 2.3 - Remote Code Execution

Microsoft IIS - WebDav 'ScStoragePathFromUrl' Overflow (Metasploit)

CMS Made Simple 2.1.6 - Multiple Vulnerabilities

Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege...

11.5.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Cisco WebEx Meetings Server CVE-2017-6651 Information Disclosure Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98387

Red Hat JBoss BRMS and BPM Suite CVE-2017-7463 Cross Site Scripting Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98385

ImageMagick CVE-2017-8356 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98378

Veritas Backup Exec Use After Free Remote Code Execution Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98386

Fortinet Fortiweb CVE-2017-3129 Cross Site Scripting Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98382

Veritas NetBackup and NetBackup Appliance Arbitrary Command Execution Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98384

ImageMagick CVE-2017-8355 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98380

Google Android Mediaserver CVE-2017-0599 Denial Of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98134

ImageMagick CVE-2017-8352 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98372

ImageMagick CVE-2017-8354 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98374

Veritas NetBackup and NetBackup Appliance Arbitrary Command Execution Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98379

Veritas NetBackup Appliance CVE-2017-8859 Arbitrary Command Execution Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98383

OpenSSL 'ssl/s3_srvr.c' Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73238

Veritas NetBackup and NetBackup Appliance CVE-2017-8858 Arbitrary File Write Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98381

OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73232

OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73228

OpenSSL CVE-2015-0290 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73226

OpenSSL CVE-2015-0291 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73235

OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73237

OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73231

OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73227

OpenSSL CVE-2015-0285 Insufficient Entropy Security Weakness
2017-05-11
http://www.securityfocus.com/bid/73234

Trend Micro Threat Discovery Appliance CVE-2016-8586 Command Injection Vulnerability
2017-05-11
http://www.securityfocus.com/bid/98376

OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73239

OpenSSL CVE-2015-0207 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73229

Cisco IOS and IOS XE Software CVE-2015-0646 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73340

Cisco IOS and IOS XE Software 'IKEv2' Module Multiple Denial of Service Vulnerabilities
2017-05-11
http://www.securityfocus.com/bid/73333

NTP CVE-2015-1799 Denial of Service Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73950

Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2017-05-11
http://www.securityfocus.com/bid/77287

NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability
2017-05-11
http://www.securityfocus.com/bid/73951

SANS News

Seamless Campaign using Rig Exploit Kit to send Ramnit Trojan

Threatpost

Cisco Patches IOS XE Vulnerability Leaked in Vault 7 Dump

Microsoft Makes it Official, Cuts off SHA-1 Support in IE, Edge

Android Permissions Flaw Will Linger Until O Release

Session Hijacking, Cookie-Stealing WordPress Malware Spotted

Exploit

Microsoft Windows - SrvOs2FeaToNt SMB Remote Code Execution (MS17-010)

Microsoft IIS WebDav - ScStoragePathFromUrl Overflow (Metasploit)

QNAP PhotoStation 5.2.4 / MusicStation 4.8.4 - Authentication Bypass

BanManager WebUI 1.5.8 - PHP Code Injection

Gongwalker API Manager 1.1 - Cross-Site Request Forgery

SAP SAPCAR 721.510 - Heap-Based Buffer Overflow

10.5.2017

Bugtraq

 

Malware

 

Phishing

Microsoft

9th May 2017

Security Alert.

spoof

9th May 2017

Dude. This acid.

NatWest Bank

7th May 2017

Important Message

Vulnerability

Microsoft Malware Protection Engine CVE-2017-0290 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98330

Microsoft Windows Graphics Device Interface CVE-2017-0190 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98298

SAP NetWeaver Denial of Service Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98362

Microsoft Office CVE-2017-0281 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98297

Microsoft Edge CVE-2017-0227 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98281

Microsoft Edge CVE-2017-0266 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98276

Microsoft Windows CVE-2017-0242 ActiveX Control Local Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98275

Microsoft Windows SMB Server CVE-2017-0279 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98272

Microsoft Windows SMB Server CVE-2017-0273 Remote Denial of Service Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98274

Microsoft Windows SMB Server CVE-2017-0277 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98270

Microsoft Windows SMB Server CVE-2017-0278 Remote Code Execution Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98271

Microsoft Windows SMB Server CVE-2017-0276 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98268

Microsoft Windows SMB Server CVE-2017-0275 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98267

Microsoft Windows SMB Server CVE-2017-0271 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98265

Microsoft Windows SMB Server CVE-2017-0274 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98266

Microsoft Windows SMB Server CVE-2017-0270 Information Disclosure Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98264

Microsoft Edge and Internet Explorer CVE-2017-0238 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98237

Microsoft Edge CVE-2017-0235 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98230

Microsoft Edge CVE-2017-0236 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98234

Microsoft Edge CVE-2017-0230 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98222

Microsoft Edge CVE-2017-0234 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98229

Microsoft Edge CVE-2017-0224 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98214

Microsoft Edge CVE-2017-0229 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98217

Microsoft Edge CVE-2017-0241 Remote Privilege Escalation Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98208

Microsoft Edge CVE-2017-0240 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98203

Microsoft Edge CVE-2017-0233 Remote Privilege Escalation Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98179

Microsoft DirectX Graphics Kernel CVE-2017-0077 Local Privilege Escalation Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98114

Microsoft Internet Explorer and Edge CVE-2017-0228 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98164

Microsoft Internet Explorer and Edge CVE-2017-0231 Spoofing Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98173

Microsoft Internet Explorer CVE-2017-0226 Remote Memory Corruption Vulnerability
2017-05-10
http://www.securityfocus.com/bid/98139

SANS News

OAuth, and It's High Time for Some Personal "Security-Scaping" Today

Threatpost

Hikvision Patches Backdoor in IP Cameras

Adobe Patches Seven Critical Vulnerabilities in Flash, AEM

Google’s OSS-Fuzz Finds 1,000 Open Source Bugs

Microsoft Plugs Three Zero Day Holes as Part of May Patch Tuesday

Exploit

Microsoft Windows 8 / 8.1 / 10 / Windows Server / SCEP, Microsoft Security...

Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution

Crypttech CryptoLog - Remote Code Execution (Metasploit)

LogRhythm Network Monitor - Authentication Bypass / Command Injection

I, Librarian 4.6 / 4.7 - Command Injection / Server Side Request Forgery /...

LG G4 MRA58K - 'liblg_parser_mkv.so' Bad Allocation Calls

LG G4 MRA58K - 'mkvparser::Tracks constructor' Failure to Initialise Pointers

LG G4 MRA58K - 'mkvparser::Block::Block' Heap Buffer Overflows

wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

9.5.2017

Bugtraq

SEC Consult SA-20170509-0 :: Multiple vulnerabilities in I, Librarian PDF manager 2017-05-09
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3846-1] libytnef security update 2017-05-09
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3845-1] libtirpc security update 2017-05-08
Moritz Muehlenhoff (jmm debian org)

ESA-2017-035: EMC Mainframe Enablers ResourcePak Base privilege management vulnerability 2017-05-08
EMC Product Security Response Center (Security_Alert emc com)

CA20170504-01: Security Notice for CA Client Automation OS Installation Management 2017-05-05
Kotas, Kevin J (Kevin Kotas ca com)

Malware

Trojan.Reblight

Phishing

spoof

9th May 2017

Dude. This acid.

Vulnerability

Citrix XenMobile Server CVE-2016-6877 Host Header Injection Vulnerability
2017-05-20
http://www.securityfocus.com/bid/98341

IBM WebSphere Portal CVE-2017-1156 Unspecified Open Redirection Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98340

Google Android Qualcomm Secure Channel Manager Driver Privilege Escalation Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98193

Microsoft Malware Protection Engine CVE-2017-0290 Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98330

GNU glibc CVE-2017-8804 Remote Denial of Service Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98339

Trend Micro OfficeScan Multiple Privilege Escalation and Cross Site Scripting Vulnerabilities
2017-05-09
http://www.securityfocus.com/bid/98007

IBM Tivoli Storage Manager CVE-2016-8916 Local Information Disclosure Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98335

IBM WebSphere Cast Iron Solution CVE-2016-9692 Denial of Service Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98337

IBM Marketing Platform CVE-2016-0255 Unspecified HTML Injection Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98336

ISC BIND CVE-2017-3139 Remote Denial of Service Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98334

Trend Micro Threat Discovery Appliance CVE-2016-8584 Authentication Bypass Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98333

Google Android Mediatek Power Driver CVE-2017-0615 Privilege Escalation Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98188

HP Network Automation Multiple Unspecified Security Vulnerabilities
2017-05-09
http://www.securityfocus.com/bid/98331

Google Android Qualcomm Sound Codec Driver CVE-2016-5862 Privilege Escalation Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98194

Google Android Qualcomm Sound Driver CVE-2016-5347 Information Disclosure Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98218

Google Chrome Prior to 57.0.2987.98 Multiple Security Vulnerabilities
2017-05-09
http://www.securityfocus.com/bid/96767

Google ANGLE CVE-2017-5031 Use After Free Denial of Service Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98326

HP StoreFabric B-series Switches CVE-2016-8202 Remote Privilege Escalation Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98332

Google Android Qualcomm Video Driver CVE-2016-10293 Information Disclosure Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98206

Atlassian SourceTree CVE-2017-8768 Command Injection Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98329

Citrix XenServer Multiple Security Vulnerabilities
2017-05-09
http://www.securityfocus.com/bid/98328

Panda Mobile Security for iOS CVE-2017-8060 TLS Certificate Validation Security Bypass Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98327

Google Android Goodix Touchscreen Driver CVE-2017-0622 Privilege Escalation Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98198

Google Android Qualcomm Crypto Engine Driver CVE-2017-0626 Information Disclosure Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98202

Microsoft Windows SMB Server CVE-2017-0146 Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/96707

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/96705

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/96703

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/96704

Microsoft Windows SMB Server CVE-2017-0147 Information Disclosure Vulnerability
2017-05-09
http://www.securityfocus.com/bid/96709

Oracle Java SE and JRockit CVE-2017-3533 Remote Security Vulnerability
2017-05-09
http://www.securityfocus.com/bid/97740

Microsoft Windows Unspecified Remote Code Execution Vulnerability
2017-05-09
http://www.securityfocus.com/bid/98330

Oracle Java SE and JRockit CVE-2017-3511 Local Security Vulnerability
2017-05-09
http://www.securityfocus.com/bid/97731

Oracle Java SE and JRockit CVE-2017-3544 Remote Security Vulnerability
2017-05-09
http://www.securityfocus.com/bid/97745

Oracle Java SE CVE-2017-3512 Remote Security Vulnerability
2017-05-09
http://www.securityfocus.com/bid/97727

Oracle Java SE CVE-2017-3514 Remote Security Vulnerability
2017-05-09
http://www.securityfocus.com/bid/97729

SANS News

 

Threatpost

Researchers Disclose Intel AMT Flaw Research

HandBrake for Mac Compromised with Proton Spyware

Hikvision Patches Backdoor in IP Cameras

Exploit

Microsoft Windows 8 / 8.1 / 10 / Windows Server / SCEP, Microsoft Security...

Gemalto SmartDiag Diagnosis Tool < 2.5 - Buffer Overflow (SEH)

Xen 64bit PV Guest - pagetable use-after-type-change Breakout

Linux/x86 - Disable ASLR Shellcode (80 bytes)

Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)

RPCBind / libtirpc - Denial of Service

8.5.2017

Bugtraq

 

Malware

 

Phishing

NatWest Bank

7th May 2017

Important Message

NatWest

7th May 2017

JONNYHU321@AOL.COM ACCOUNT
SECURITY VERIFICATION CODE

Vulnerability

Oracle Java SE and JRockit CVE-2017-3533 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97740

Oracle Java SE and JRockit CVE-2017-3511 Local Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97731

Oracle Java SE and JRockit CVE-2017-3544 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97745

Oracle Java SE CVE-2017-3512 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97727

Oracle Java SE CVE-2017-3514 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97729

Oracle Java SE CVE-2017-3539 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97752

Oracle Java SE CVE-2017-3509 Remote Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97737

Google Android Qualcomm Components CVE-2016-10297 Unspecified Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98241

Mozilla Firefox CVE-2017-5031 Use After Free Denial of Service Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98326

Microsoft Windows SMB Server CVE-2017-0146 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96707

Microsoft Windows SMB Server CVE-2017-0148 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96706

Microsoft Windows SMB Server CVE-2017-0147 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96709

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96704

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96703

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96705

Google Android Kernel Trace Subsystem CVE-2017-0630 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98213

Google Android Framework Apis CVE-2017-0593 Privilege Escalation Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98126

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/96729

Google Android Framework Apis CVE-2017-0598 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98133

Google Android Bluetooth CVE-2017-0602 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98141

Foxit Reader and PhantomPDF CVE-2017-8454 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98320

Google Android Mediaserver CVE-2017-0596 Privilege Escalation Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98130

Google Android Qualcomm Components CVE-2015-9005 Unspecified Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98322

Google Android Mediaserver CVE-2017-0594 Privilege Escalation Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98128

Google Android Qualcomm Components CVE-2015-9006 Unspecified Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98321

Google Android Qualcomm Components CVE-2014-9930 Unspecified Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98323

Google Android Qualcomm Components CVE-2015-9007 Unspecified Security Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98324

Foxit Reader and PhantomPDF CVE-2017-8455 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98319

Google Android Qualcomm Wi-Fi Driver CVE-2016-10292 Denial Of Service Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98204

Google Android Audioserver CVE-2017-0597 Privilege Escalation Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98131

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98325

Google Android Synaptics Touchscreen Driver CVE-2017-0634 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98224

Atlassian HipChat for iOS CVE-2017-8058 TLS Certificate Validation Security Bypass Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98318

Multiple Google Devices kernel UVC Driver CVE-2017-0627 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98205

Multiple Google Devices Qualcomm Camera Driver CVE-2017-0631 Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98216

Apple Safari CVE-2017-2491 Use After Free Remote Code Execution Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98316

Foxit Reader and PhantomPDF CVE-2017-8453 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98317

Cisco TelePresence Collaboration Endpoint CVE-2017-3825 Denial of Service Vulnerability
2017-05-08
http://www.securityfocus.com/bid/98293

MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
2017-05-08
http://www.securityfocus.com/bid/97023

SANS News

Exploring a P2P Transient Botnet - From Discovery to Enumeration

What Can You Learn On Your Own?

Threatpost

 

Exploit

Linux/x86 - Disable ASLR Shellcode (80 bytes)

Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)

7.5.2017

Bugtraq

CA20170504-01: Security Notice for CA Client Automation OS Installation Management 2017-05-05
Kotas, Kevin J (Kevin Kotas ca com)

[security bulletin] HPESBHF03736 rev.1 - HPE Aruba and HPE ProVision network switches using Diffie Hellman Group1 Sha1 Exchange Algorithm, Remote Disclosure of Information 2017-05-04
security-alert hpe com

[security bulletin] HPESBGN03740 rev.1 - HPE Network Automation, Multiple Remote Vulnerabilities 2017-05-04
security-alert hpe com

WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day) [CVE-2017-8295] 2017-05-03
Dawid Golunski (dawid legalhackers com)

Malware

 

Phishing

anita@beeeco.co.uk

4th May 2017

MWQM-524 & 6106 Steve Scott

service@paypal.co.uk

3rd May 2017

Your account will be limited
until we hear from you.

Vulnerability

Microsoft Windows SMB Server CVE-2017-0146 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96707

Microsoft Windows SMB Server CVE-2017-0148 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96706

Microsoft Windows SMB Server CVE-2017-0147 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96709

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96704

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96703

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96705

Google Android Kernel Trace Subsystem CVE-2017-0630 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98213

Google Android Framework Apis CVE-2017-0593 Privilege Escalation Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98126

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/96729

Google Android Framework Apis CVE-2017-0598 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98133

Google Android Bluetooth CVE-2017-0602 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98141

Foxit Reader and PhantomPDF CVE-2017-8454 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98320

Google Android Mediaserver CVE-2017-0596 Privilege Escalation Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98130

Google Android Qualcomm Components CVE-2015-9005 Unspecified Security Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98322

Google Android Mediaserver CVE-2017-0594 Privilege Escalation Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98128

Google Android Qualcomm Components CVE-2015-9006 Unspecified Security Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98321

Google Android Qualcomm Components CVE-2014-9930 Unspecified Security Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98323

Google Android Qualcomm Components CVE-2015-9007 Unspecified Security Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98324

Foxit Reader and PhantomPDF CVE-2017-8455 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98319

Google Android Qualcomm Wi-Fi Driver CVE-2016-10292 Denial Of Service Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98204

Google Android Audioserver CVE-2017-0597 Privilege Escalation Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98131

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98325

Google Android Synaptics Touchscreen Driver CVE-2017-0634 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98224

Atlassian HipChat for iOS CVE-2017-8058 TLS Certificate Validation Security Bypass Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98318

Multiple Google Devices kernel UVC Driver CVE-2017-0627 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98205

Multiple Google Devices Qualcomm Camera Driver CVE-2017-0631 Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98216

Apple Safari CVE-2017-2491 Use After Free Remote Code Execution Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98316

Foxit Reader and PhantomPDF CVE-2017-8453 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98317

Cisco TelePresence Collaboration Endpoint CVE-2017-3825 Denial of Service Vulnerability
2017-05-07
http://www.securityfocus.com/bid/98293

MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
2017-05-07
http://www.securityfocus.com/bid/97023

Microsoft Windows SMB Server CVE-2017-0146 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96707

Microsoft Windows SMB Server CVE-2017-0148 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96706

Microsoft Windows SMB Server CVE-2017-0147 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96709

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96704

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96703

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96705

Google Android Kernel Trace Subsystem CVE-2017-0630 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98213

Google Android Framework Apis CVE-2017-0593 Privilege Escalation Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98126

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/96729

Google Android Framework Apis CVE-2017-0598 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98133

Google Android Bluetooth CVE-2017-0602 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98141

Foxit Reader and PhantomPDF CVE-2017-8454 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98320

Google Android Mediaserver CVE-2017-0596 Privilege Escalation Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98130

Google Android Qualcomm Components CVE-2015-9005 Unspecified Security Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98322

Google Android Mediaserver CVE-2017-0594 Privilege Escalation Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98128

Google Android Qualcomm Components CVE-2015-9006 Unspecified Security Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98321

Google Android Qualcomm Components CVE-2014-9930 Unspecified Security Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98323

Google Android Qualcomm Components CVE-2015-9007 Unspecified Security Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98324

Foxit Reader and PhantomPDF CVE-2017-8455 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98319

Google Android Qualcomm Wi-Fi Driver CVE-2016-10292 Denial Of Service Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98204

Google Android Audioserver CVE-2017-0597 Privilege Escalation Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98131

Rpcbind CVE-2017-8779 Remote Denial of Service Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98325

Google Android Synaptics Touchscreen Driver CVE-2017-0634 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98224

Atlassian HipChat for iOS CVE-2017-8058 TLS Certificate Validation Security Bypass Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98318

Multiple Google Devices kernel UVC Driver CVE-2017-0627 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98205

Multiple Google Devices Qualcomm Camera Driver CVE-2017-0631 Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98216

Apple Safari CVE-2017-2491 Use After Free Remote Code Execution Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98316

Foxit Reader and PhantomPDF CVE-2017-8453 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98317

Cisco TelePresence Collaboration Endpoint CVE-2017-3825 Denial of Service Vulnerability
2017-05-06
http://www.securityfocus.com/bid/98293

MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
2017-05-06
http://www.securityfocus.com/bid/97023

Atlassian HipChat for iOS CVE-2017-8058 TLS Certificate Validation Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98318

Multiple Google Devices kernel UVC Driver CVE-2017-0627 Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98205

Multiple Google Devices Qualcomm Camera Driver CVE-2017-0631 Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98216

Apple Safari CVE-2017-2491 Use After Free Remote Code Execution Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98316

Foxit Reader and PhantomPDF CVE-2017-8453 Out-Of-Bounds Read Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98317

Cisco TelePresence Collaboration Endpoint CVE-2017-3825 Denial of Service Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98293

MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/97023

PCRE 'pcre2_match.c' Stack Buffer Overflow Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98315

Xen CVE-2017-7995 Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98314

Multiple Hikvision Cameras ICSA-17-124-01 Multiple Security Vulnerabilities
2017-05-05
http://www.securityfocus.com/bid/98313

Google Nexus Nvidia Video Driver CVE-2017-0331 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98150

Google Android Qualcomm Adsprpc Driver CVE-2017-0465 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98184

Dahua Technology Authentication Bypass and Information Disclosure Vulnerabilities
2017-05-05
http://www.securityfocus.com/bid/98312

Advantech WebAccess CVE-2017-7929 Directory Traversal Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98311

Multiple Rockwell Automation Products CVE-2017-6024 Remote Denial of Service Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98309

IBM Maximo Asset Management CVE-2016-9976 Unspecified Remote Code Execution Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98305

Think Mutual Bank Mobile Banking App SSL Certificate Validation Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98308

Google Android Qualcomm Components CVE-2014-9951 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98252

Google Android Qualcomm Components CVE-2014-9941 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98242

Google Android Qualcomm Components CVE-2014-9944 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98245

SCCU Mobile for Android and iPhone SSL Certificate Validation Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98307

Google Android Qualcomm Video Driver CVE-2016-10286 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98165

Google Android Qualcomm Components CVE-2014-9952 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98253

Google Android Qualcomm Components CVE-2014-9945 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98246

Google Android Qualcomm Components CVE-2014-9943 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98244

Google Android Qualcomm Components CVE-2014-9942 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98243

Google Android Qualcomm Components CVE-2014-9947 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98248

Google Android Qualcomm Components CVE-2014-9948 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98249

Google Android Qualcomm Video Driver CVE-2016-10285 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98163

Google Android Qualcomm Driver CVE-2017-0613 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98186

SANS News

The story of the CFO and CEO...

Threatpost

Carbanak Attackers Devise Clever New Persistence Trick

Business Email Compromise Losses Up 2,370 Percent Since 2015

Ultrasonic Beacons Are Tracking Your Every Movement

Supply Chain Update Software Unknowingly Used in Attacks

Exploit

WordPress Plugin WebDorado Gallery 1.3.29 - SQL Injection

ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery

CloudBees Jenkins 2.32.1 - Java Deserialization

5.5.2017

Bugtraq

[security bulletin] HPESBHF03736 rev.1 - HPE Aruba and HPE ProVision network switches using Diffie Hellman Group1 Sha1 Exchange Algorithm, Remote Disclosure of Information 2017-05-04
security-alert hpe com

[security bulletin] HPESBGN03740 rev.1 - HPE Network Automation, Multiple Remote Vulnerabilities 2017-05-04
security-alert hpe com

WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day) [CVE-2017-8295] 2017-05-03
Dawid Golunski (dawid legalhackers com)

ESA-2017-036: EMC Data Domain Privilege Escalation Vulnerability 2017-05-03
EMC Product Security Response Center (Security_Alert emc com)

Zenario CMS v7.6 - (Delete) Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Zenario v7.6 - Persistent Cross Site Scripting Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Arachni v1.5-0.5.11 - Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Super File Explorer 1.0.1 - Arbitrary File Upload Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Hola VPN v1.34 - Privilege Escalation Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Malware

 

Phishing

anita@beeeco.co.uk

4th May 2017

MWQM-524 & 6106 Steve Scott

service@paypal.co.uk

3rd May 2017

Your account will be limited
until we hear from you.

spoof

3rd May 2017

Sure thing!

Vulnerability

Advantech WebAccess CVE-2017-7929 Directory Traversal Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98311

Multiple Rockwell Automation Products CVE-2017-6024 Remote Denial of Service Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98309

IBM Maximo Asset Management CVE-2016-9976 Unspecified Remote Code Execution Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98305

Think Mutual Bank Mobile Banking App SSL Certificate Validation Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98308

Google Android Qualcomm Components CVE-2014-9951 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98252

Google Android Qualcomm Components CVE-2014-9941 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98242

Google Android Qualcomm Components CVE-2014-9944 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98245

SCCU Mobile for Android and iPhone SSL Certificate Validation Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98307

Google Android Qualcomm Video Driver CVE-2016-10286 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98165

Google Android Qualcomm Components CVE-2014-9952 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98253

Google Android Qualcomm Components CVE-2014-9945 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98246

Google Android Qualcomm Components CVE-2014-9943 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98244

Google Android Qualcomm Components CVE-2014-9942 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98243

Google Android Qualcomm Components CVE-2014-9947 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98248

Google Android Qualcomm Components CVE-2014-9948 Unspecified Security Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98249

Google Android Qualcomm Video Driver CVE-2016-10285 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98163

Google Android Qualcomm Driver CVE-2017-0613 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98186

Google Android Qualcomm Networking Driver CVE-2016-5868 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98197

Google Android Qualcomm Sound Codec Driver CVE-2016-5858 Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98215

Google Android Qualcomm Video Driver CVE-2016-10284 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98162

QEMU 'megasas_mmio_write()' Function Out-of-Bounds Read Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98303

Google Android Kernel Performance Subsystem CVE-2015-9004 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98166

LibTIFF CVE-2017-7595 Divide By Zero Denial of Service Vulnerability
2017-05-05
http://www.securityfocus.com/bid/97501

Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/97947

Google Android Qualcomm Wi-fi Driver CVE-2017-0624 Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98200

Trend Micro OfficeScan Multiple Privilege Escalation and Cross Site Scripting Vulnerabilities
2017-05-05
http://www.securityfocus.com/bid/98007

IBM BigFix Remote Control CVE-2016-2930 Security Bypass Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98304

QEMU CVE-2017-8309 Denial of Service Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98302

IBM Tealeaf Customer Experience CVE-2016-0382 Local Information Disclosure Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98301

Google Android Htc Bootloader CVE-2017-0623 Privilege Escalation Vulnerability
2017-05-05
http://www.securityfocus.com/bid/98199

SANS News

HTTP Headers... the Achilles' heel of many applications

Threatpost

Unpatched WordPress Password Reset Vulnerability Lingers

Blackmoon Banking Trojan Using New Infection Technique

Many Commercial Drones ‘Insecure by Design’

Stealthy RAT Targeting North Korea Since 2014

Exploit

Safari 10.0.3 - 'JSC::CachedCall' Use-After-Free

WordPress 4.6 - Unauthenticated Remote Code Execution

WordPress < 4.7.4 - Unauthorized Password Reset

4.5.2017

Bugtraq

WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day) [CVE-2017-8295] 2017-05-03
Dawid Golunski (dawid legalhackers com)

ESA-2017-036: EMC Data Domain Privilege Escalation Vulnerability 2017-05-03
EMC Product Security Response Center (Security_Alert emc com)

Zenario CMS v7.6 - (Delete) Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Zenario v7.6 - Persistent Cross Site Scripting Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Arachni v1.5-0.5.11 - Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Super File Explorer 1.0.1 - Arbitrary File Upload Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Hola VPN v1.34 - Privilege Escalation Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Mura CMS Cross-Site Scripting (XSS) Vulnerability 2017-05-03
Leon Zhao 7 gmail com

[SECURITY] [DSA 3843-1] tomcat8 security update 2017-05-03
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3842-1] tomcat7 security update 2017-05-03
Sebastien Delafond (seb debian org)

Malware

Trojan:Win32/Fuery.A!cl
Trojan:Win32/Fuery.B!cl

Phishing

anita@beeeco.co.uk

4th May 2017

MWQM-524 & 6106 Steve Scott

service@paypal.co.uk

3rd May 2017

Your account will be limited
until we hear from you.

spoof

3rd May 2017

Sure thing!

BT Internet UK

2nd May 2017

Changes To Your Account

spoof

2nd May 2017

Hayes wants to get paid.

Vulnerability

Multiple Intel Products CVE-2017-5689 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98269

Multiple Google Devices Qualcomm Camera Driver CVE-2017-0631 Information Disclosure Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98216

Drupal Shibboleth authentication Module Access Bypass Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98299

Cisco Aironet Access Points CVE-2017-3873 Arbitrary Code Execution Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98296

WordPress Password Reset CVE-2017-8295 Security Bypass Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98295

Cisco Wide Area Application Services CVE-2017-6628 Remote Denial of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98294

Google Android HTC Touchscreen Driver CVE-2017-0563 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/97342

Cisco TelePresence Collaboration Endpoint CVE-2017-3825 Denial of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98293

Cisco Firepower System Software CVE-2016-6368 Denial of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98292

Cisco Finesse CVE-2017-6626 Information Disclosure Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98291

Cisco IOS Software CVE-2017-6624 Unauthorized Access Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98283

Cisco CVR100W Wireless-N VPN Router CVE-2017-6620 Security Bypass Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98289

Cisco IOS XR Software CVE-2017-3876 Denial of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98284

Cisco CVR100W Wireless-N VPN Router CVE-2017-3882 Buffer Overflow Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98287

Google Chrome CVE-2017-5068 Unspecified Race Condition Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98288

Cisco Unity Connection CVE-2017-6629 Unauthorized Access Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98286

Google Chrome Prior to 58.0.3029.81 Multiple Security Vulnerabilities
2017-05-04
http://www.securityfocus.com/bid/97939

Google gRPC CVE-2017-8359 Heap Buffer Overflow Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98280

QEMU CVE-2017-8379 Denial of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98277

Atlassian Hipchat Server CVE-2017-8080 Remote Code Execution Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98262

Google Android Mediaserver CVE-2017-0603 Denial Of Service Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98143

Google Android Broadcom Wi-fi Driver CVE-2017-0633 Information Disclosure Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98223

CyberVision Kaa IoT Platform CVE-2017-7911 Remote Code Injection Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98256

Advantech B+B SmartWorx MESR901 CVE-2017-7909 Authentication Bypass Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98257

Wonderware Historian Client CVE-2017-7907 Local XML External Entity Injection Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98254

Google Android Qualcomm Sound Driver CVE-2017-0610 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98255

Google Android Qualcomm Sound Driver CVE-2016-5859 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98175

Google Android Qualcomm Sound Driver CVE-2016-5853 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98178

Google Android Qualcomm Sound Driver CVE-2017-0609 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98174

Google Android Qualcomm Sound Driver CVE-2017-0608 Privilege Escalation Vulnerability
2017-05-04
http://www.securityfocus.com/bid/98172

SANS News

OAUTH phishing against Google Docs ? beware!

Threatpost

Proposed NIST Password Guidelines Soften Length, Complexity Focus

Researcher: ‘Baseless Assumptions’ Exist About Intel AMT Vulnerability

Sabre Corp. Investigating Breach of Reservation System

Exploit

Microsoft Internet Explorer 11 - 'CMarkup::DestroySplayTree' Use-After-Free

WordPress 4.6 - Unauthenticated Remote Code Execution

WordPress < 4.7.4 - Unauthorized Password Reset

Serviio PRO 1.8 DLNA Media Streaming Server - REST API Information Disclosure

Serviio PRO 1.8 DLNA Media Streaming Server - REST API Arbitrary Password Change

Serviio PRO 1.8 DLNA Media Streaming Server - REST API Arbitrary Code Execution

Serviio PRO 1.8 DLNA Media Streaming Server - Local Privilege Escalation

3.5.2017

Bugtraq

Zenario CMS v7.6 - (Delete) Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Zenario v7.6 - Persistent Cross Site Scripting Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Arachni v1.5-0.5.11 - Persistent Cross Site Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Super File Explorer 1.0.1 - Arbitrary File Upload Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Joomla com_tag v1.7.6 - (tag) SQL Injection Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Hola VPN v1.34 - Privilege Escalation Vulnerability 2017-05-03
Vulnerability Lab (research vulnerability-lab com)

Mura CMS Cross-Site Scripting (XSS) Vulnerability 2017-05-03
Leon Zhao 7 gmail com

[SECURITY] [DSA 3843-1] tomcat8 security update 2017-05-03
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3842-1] tomcat7 security update 2017-05-03
Sebastien Delafond (seb debian org)

MODX Revolution 2.0.1-pl - 2.5.6-pl blind SQLi 2017-05-02
Anti Räis (antirais gmail com)

[security bulletin] HPESBHF03741 rev.1 - HPE Network products including Comware 7, IMC, and VCX running OpenSSL, Local Unauthorized Disclosure of Information, Remote Denial of Service (DoS), Unauthorized Disclosure of Information 2017-05-02
security-alert hpe com

IML 2017 Conference, ACM digital library proceedings, Venue: Liverpool John Moores University, United Kingdom 2017-04-29
IML 2017 Conference (cfp iml-conference site)

SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options 2017-04-29
Securify B.V. (lists securify nl)

Multiple local privilege escalation vulnerabilities in HideMyAss Pro VPN client v2.x for OS X 2017-04-29
Securify B.V. (lists securify nl)

[security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-04-28
security-alert hpe com

[SECURITY] [DSA 3838-1] ghostscript security update 2017-04-28
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

BT Internet UK

2nd May 2017

Changes To Your Account

spoof

2nd May 2017

Hayes wants to get paid.

spoof

2nd May 2017

You, I like you.

spoof

2nd May 2017

The .jpg is real.

Vulnerability

Google Android Broadcom Wi-fi Driver CVE-2017-0633 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98223

CyberVision Kaa IoT Platform CVE-2017-7911 Remote Code Injection Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98256

Advantech B+B SmartWorx MESR901 CVE-2017-7909 Authentication Bypass Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98257

Wonderware Historian Client CVE-2017-7907 Local XML External Entity Injection Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98254

Google Android Qualcomm Sound Driver CVE-2017-0610 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98255

Google Android Qualcomm Sound Driver CVE-2016-5859 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98175

Google Android Qualcomm Sound Driver CVE-2017-0609 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98174

Google Android Qualcomm Sound Driver CVE-2017-0608 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98172

Google Android Qualcomm Sound Driver CVE-2016-5867 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98170

Google Android Qualcomm Sound Driver CVE-2017-0607 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98171

Google Android Qualcomm Sound Driver CVE-2016-10287 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98167

Google Android Qualcomm Sound Driver CVE-2017-0606 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98168

EMC RSA Security Analytics CVE-2016-8215 Unspecified Cross Site Scripting Vulnerability
2017-05-03
http://www.securityfocus.com/bid/95718

Google Android Mediaserver CVE-2017-0595 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98129

Google Android Qualcomm Components CVE-2014-9946 Unspecified Security Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98247

Google Android Qualcomm Components CVE-2014-9950 Unspecified Security Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98251

Google Android Qualcomm Sound Driver CVE-2017-0611 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98177

Google Android Qualcomm Components CVE-2014-9949 Unspecified Security Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98250

Google Android Qualcomm Camera Driver CVE-2017-0628 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98211

Google Android Qualcomm Sound Driver CVE-2016-5860 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98169

Google Android CVE-2017-0561 Remote Code Execution Vulnerability
2017-05-03
http://www.securityfocus.com/bid/97367

Google Android Qualcomm Camera Driver CVE-2017-0629 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98212

Google Android Qualcomm Wi-Fi Driver CVE-2016-10283 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98160

Google Android Motorola Bootloader CVE-2016-10277 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98149

Google Android Qualcomm Driver CVE-2017-0614 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98187

Google Android Qualcomm Bootloader CVE-2016-10276 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98148

Google Android Qualcomm Bootloader CVE-2016-10275 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98146

Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/90989

Google Android Qualcomm Sound Codec Driver CVE-2017-0632 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98221

Google Android File-based Encryption CVE-2017-0493 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98140

Google Android Qualcomm CVE-2017-0612 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98231

Google Android Qualcomm Shared Memory Driver CVE-2016-10290 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98182

Google Android Qualcomm Slimbus Driver CVE-2016-10291 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98183

Google Android Mediaserver CVE-2017-0587 Remote Code Execution Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98119

Google Android Qualcomm Camera Driver CVE-2017-0621 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98196

Google Android Kernel Trace Subsystem CVE-2017-0605 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98152

Google Android Bluetooth CVE-2017-0601 Privilege Escalation Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98137

Google Android Mediaserver CVE-2017-0588 Remote Code Execution Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98120

Google Android Mediaserver CVE-2017-0589 Remote Code Execution Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98122

ImageMagick CVE-2017-8343 Denial of Service Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98132

Google Android Mediaserver CVE-2017-0590 Remote Code Execution Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98123

IBM Insights Foundation for Energy CVE-2017-1141 Information Disclosure Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98161

IBM WebSphere Application Server CVE-2017-1194 Cross Site Request Forgery Vulnerability
2017-05-03
http://www.securityfocus.com/bid/98142

SANS News

Powershelling with exploits

Threatpost

Malware Hunter Crawls Internet Looking for RAT C2s

DDoS Attacks Can Cost Businesses Up to $2.5M Per Attack, Report Says

IBM: Destroy USBs Infected with Malware Dropper

Shamoon Collaborator Greenbug Adopts New Communication Tool

Exploit

Ghostscript 9.21 - Type Confusion Arbitrary Command Execution (Metasploit)

2.5.2017

Bugtraq

 

Malware

 

Phishing

spoof

2nd May 2017

The .jpg is real.

CardApprovalUSA

1st May 2017

Open a new credit account

spoof

1st May 2017

E-I-E-I-O!!

Moneygram office

1st May 2017

Dear Customer

Allergens U. Manson

1st May 2017

Like a plauge?

Vulnerability

Google Android File-based Encryption CVE-2017-0493 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98140

Google Android Mediaserver CVE-2017-0588 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98120

Google Android Mediaserver CVE-2017-0589 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98122

ImageMagick CVE-2017-8343 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98132

Google Android Mediaserver CVE-2017-0590 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98123

IBM Insights Foundation for Energy CVE-2017-1141 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98161

IBM WebSphere Application Server CVE-2017-1194 Cross Site Request Forgery Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98142

Google Android Mediaserver CVE-2017-0591 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98124

Google Android Mediaserver CVE-2017-0592 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98125

Multiple Siklu EtherHaul Devices CVE-2017-7318 Remote Command Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97227

ImageMagick CVE-2017-8344 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98136

ImageMagick CVE-2017-8345 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98138

libevent Multiple Security Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/96014

Mozilla Firefox Multiple Security Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/97940

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98050

Randombit Botan CVE-2017-2801 Certificate Validation Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98106

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2017-05-02
http://www.securityfocus.com/bid/93793

Huawei eSpace IAD CVE-2016-8271 Remote Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98096

Gnulib CVE-2017-7476 Local Heap Overflow Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98098

NetIQ Access Manager CVE-2017-5191 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98093

WordPress CopySafe Web Protection Plugin CVE-2017-8100 Cross Site Request Forgery Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98091

Zabbix Proxy Server CVE-2017-2825 Man in the Middle Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98094

SaltStack Salt CVE-2017-8109 Local Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98095

FreeBSD CVE-2017-1081 Use After Free Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98089

Revive Adserver Multiple Security Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/83964

Zimbra Collaboration Suite CVE-2017-6813 Unspecified Privilege Escalation Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98087

Technicolor DPC3928SL CVE-2017-5135 SNMP Authentication Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98092

Zimbra Collaboration Suite CVE-2017-6821 Unspecified Security Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98090

HP Intelligent Management Center Multiple Unspecified Remote Code Execution Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/98088

Zimbra Collaboration Suite CVE-2017-7288 Unspecified HTML Injection Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98081

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/93149

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/92628

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/92117

Cisco Firepower System Software CVE-2016-6368 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97932

Cisco IOS XE Software CVE-2017-6615 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97930

Cisco Prime Infrastructure CVE-2017-6611 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97931

Cisco Integrated Management Controller CVE-2017-6616 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97928

Cisco Integrated Management Controller CVE-2017-6617 Session Hijacking Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97929

Cisco Integrated Management Controller CVE-2017-6618 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97927

Cisco FindIT Network Probe CVE-2017-6614 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97926

Cisco Integrated Management Controller CVE-2017-6619 Remote Command Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97925

Cisco ASA Software and FTD Software CVE-2017-3793 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97923

Cisco Prime Network Registrar CVE-2017-6613 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97924

Cisco Unified Communications Manager CVE-2017-3808 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97922

VMware Workstation and Horizon Client CVE-2017-4913 Integer Overflow Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97920

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/93152

VMware Workstation and Horizon View Client CVE-2017-4912 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97921

IBM Cognos TM1 CVE-2016-3036 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97918

VMware Workstation and Horizon View Client CVE-2017-4911 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97916

IBM Cognos TM1 CVE-2016-3037 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97917

IBM Cognos TM1 CVE-2016-3038 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97915

VMware Unified Access Gateway and Horizon View Heap Based Buffer Overflow Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97914

VMware Workstation and Horizon View Client CVE-2017-4910 Remote Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97913

OpenSSL CVE-2016-6308 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/93151

YUI 'SWF' File Multiple Cross-Site Scripting Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/56385

Avast! Antivirus CVE-2017-8307 Arbitrary File Deletion Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98086

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/98085

symetrie CVE-2017-7386 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98082

Zabbix CVE-2017-2824 Command Injection Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98083

Avast! Antivirus CVE-2017-8308 Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98084

McAfee Security Scan Plus CVE-2016-8026 Unspecified Local Command Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98068

illumos CVE-2016-6561 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98079

eXtplorer CVE-2016-4313 Local Directory Traversal Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98069

YARA 'yara_yyparse()' Function Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98080

YARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98077

YARA CVE-2017-5924 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98075

Multiple IBM Products CVE-2016-9693 Unspecified Arbitrary File Download Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98074

YARA CVE-2016-10211 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98078

LibreSSL CVE-2017-8301 Certificate Validation Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98076

Multiple IBM Products CVE-2016-9723 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/98073

Red Hat OpenShift Enterprise CVE-2016-5409 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97988

WeeChat CVE-2017-8073 Buffer Overflow Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97987

pcs CVE-2016-0720 Cross Site Request Forgery Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97984

Linux Kernel CVE-2010-5329 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97986

TP-Link TL-SG108E CVE-2017-8078 Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97985

TP-Link TL-SG108E CVE-2017-8075 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97983

TP-Link TL-SG108E CVE-2017-8074 Information Disclosure Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97981

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97982

podofo CVE-2017-7994 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97980

Shopware CVE-2016-3109 Arbitrary Code Execution Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97979

XOOPS CVE-2017-7944 Cross Site Scripting Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97978

pcs daemon CVE-2016-0721 Session Fixation Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97977

Linux Kernel CVE-2017-8064 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97975

NTP CVE-2016-7427 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/94453

NTP CVE-2015-8158 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/81814

NTP CVE-2015-8138 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/81811

Linux Kernel CVE-2017-8062 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97973

NTP CVE-2016-7431 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/94454

Linux Kernel CVE-2017-8063 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97974

NTP CVE-2015-7979 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/81816

Cybozu Kintone App CVE-2016-1186 SSL Certificate Validation Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97976

NTP CVE-2015-7973 Security Bypass Vulnerability
2017-05-02
http://www.securityfocus.com/bid/81963

Linux Kernel CVE-2017-8061 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97972

QEMU 'hw/9pfs/9p-local.c' Privilege Escalation Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97970

NTP CVE-2016-9310 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/94452

Linux Kernel CVE-2017-7979 Local Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97969

Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97967

Perl YAML-LibYAML Module 'perl_libyaml.c' Multiple Format String Vulnerabilities
2017-05-02
http://www.securityfocus.com/bid/52381

Minicom CVE-2017-7467 Local Buffer Overflow Vulnerability
2017-05-02
http://www.securityfocus.com/bid/97966

SANS News

Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075

Threatpost

Apple Revokes Certificate Used By OSX/Dok Malware

Fuze Patches Bug That Exposed Recordings of Private Business Meetings

Exploit

Alerton Webtalk 2.5 / 3.3 - Multiple Vulnerabilities

Tuleap Project Wiki 8.3 <= 9.6.99.86 - Command Injection

HideMyAss Pro VPN Client for OS X 2.2.7.0 - Privilege Escalation

HideMyAss Pro VPN Client for macOS 3.x - Privilege Escalation

MySQL <= 5.6.35 / <= 5.7.17 - Integer Overflow

1.5.2017

Bugtraq

IML 2017 Conference, ACM digital library proceedings, Venue: Liverpool John Moores University, United Kingdom 2017-04-29
IML 2017 Conference (cfp iml-conference site)

SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options 2017-04-29
Securify B.V. (lists securify nl)

Multiple local privilege escalation vulnerabilities in HideMyAss Pro VPN client v2.x for OS X 2017-04-29
Securify B.V. (lists securify nl)

[security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-04-28
security-alert hpe com

[SECURITY] [DSA 3838-1] ghostscript security update 2017-04-28
Salvatore Bonaccorso (carnil debian org)

Malware

Trojan:Win32/Msposer.C 

Phishing

Moneygram office

1st May 2017

Dear Customer

Allergens U. Manson

1st May 2017

Like a plauge?

spoof

30th April 2017

Spies?

WhatsApp

30th April 2017

Subscription has Expired

? Morrisons ?

30th April 2017

Steve Scott, your Morrisons
present is here

SunTrust

29th April 2017

Unusual activity detected In
Your SunTrust Account

Vulnerability

Gnulib CVE-2017-7476 Local Heap Overflow Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98098

NetIQ Access Manager CVE-2017-5191 Cross Site Scripting Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98093

WordPress CopySafe Web Protection Plugin CVE-2017-8100 Cross Site Request Forgery Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98091

Zabbix Proxy Server CVE-2017-2825 Man in the Middle Security Bypass Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98094

SaltStack Salt CVE-2017-8109 Local Information Disclosure Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98095

FreeBSD CVE-2017-1081 Use After Free Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98089

Revive Adserver Multiple Security Vulnerabilities
2017-05-01
http://www.securityfocus.com/bid/83964

Zimbra Collaboration Suite CVE-2017-6813 Unspecified Privilege Escalation Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98087

Technicolor DPC3928SL CVE-2017-5135 SNMP Authentication Bypass Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98092

Zimbra Collaboration Suite CVE-2017-6821 Unspecified Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98090

HP Intelligent Management Center Multiple Unspecified Remote Code Execution Vulnerabilities
2017-05-01
http://www.securityfocus.com/bid/98088

Zimbra Collaboration Suite CVE-2017-7288 Unspecified HTML Injection Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98081

Avast! Antivirus CVE-2017-8307 Arbitrary File Deletion Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98086

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-05-01
http://www.securityfocus.com/bid/98085

symetrie CVE-2017-7386 Cross Site Scripting Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98082

Zabbix CVE-2017-2824 Command Injection Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98083

Avast! Antivirus CVE-2017-8308 Security Bypass Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98084

McAfee Security Scan Plus CVE-2016-8026 Unspecified Local Command Execution Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98068

illumos CVE-2016-6561 Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98079

eXtplorer CVE-2016-4313 Local Directory Traversal Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98069

YARA 'yara_yyparse()' Function Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98080

YARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98077

YARA CVE-2017-5924 Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98075

Multiple IBM Products CVE-2016-9693 Unspecified Arbitrary File Download Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98074

YARA CVE-2016-10211 Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98078

LibreSSL CVE-2017-8301 Certificate Validation Security Bypass Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98076

Multiple IBM Products CVE-2016-9723 Cross Site Scripting Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98073

YARA CVE-2017-8294 Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98072

GNOME gnome-shell CVE-2017-8288 Lock Screen Local Security Bypass Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98070

Jenkins CVE-2017-1000355 Denial of Service Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98066

Squirrelmail CVE-2017-7692 Command Injection Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98067

GE Multiple Products CVE-2017-7905 Weak Password Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98063

dpkg CVE-2017-8283 Directory Traversal Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98064

Jenkins CVE-2017-1000354 User Impersonation Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98065

Jenkins CVE-2017-1000356 Multiple Cross Site Request Forgery Vulnerabilities
2017-05-01
http://www.securityfocus.com/bid/98062

Oracle E-Business Suite CVE-2017-3342 Remote Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98061

Oracle E-Business Suite CVE-2017-3356 Remote Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98058

Oracle E-Business Suite CVE-2017-3347 Remote Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98060

Oracle E-Business Suite CVE-2017-3355 Remote Security Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98059

Jenkins Java Deserialization CVE-2017-1000353 Remote Code Execution Vulnerability
2017-05-01
http://www.securityfocus.com/bid/98056

SANS News

 

Threatpost

Flickr Vulnerability Worth $7K Bounty to Researcher

Exploit

Panda Free Antivirus - 'PSKMAD.sys' Denial of Service

Emby MediaServer 3.2.5 - SQL Injection

Emby MediaServer 3.2.5 - Password Reset

Emby MediaServer 3.2.5 - Directory Traversal

IrfanView 4.44 - Denial of Service

30.4.2017

Bugtraq

[security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-04-28
security-alert hpe com

[SECURITY] [DSA 3838-1] ghostscript security update 2017-04-28
Salvatore Bonaccorso (carnil debian org)

Apple iOS 10.2 & 10.3 - Control Panel Denial of Service Vulnerability 2017-04-28
Vulnerability Lab (research vulnerability-lab com)

Live Helper Chat - Cross-Site Scripting 2017-04-28
Advisories (advisories compass-security com)

Malware

Trojan:PDF/Tetomek.A 

Phishing

WhatsApp

30th April 2017

Subscription has Expired

? Morrisons ?

30th April 2017

Steve Scott, your Morrisons
present is here

SunTrust

29th April 2017

Unusual activity detected In
Your SunTrust Account

spoof

29th April 2017

What did he hit?

CardApprovalUSA

28th April 2017

Open a new credit account

Vulnerability

Avast! Antivirus CVE-2017-8307 Arbitrary File Deletion Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98086

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-04-30
http://www.securityfocus.com/bid/98085

symetrie CVE-2017-7386 Cross Site Scripting Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98082

Zabbix CVE-2017-2824 Command Injection Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98083

Zimbra Collaboration Suite CVE-2017-7288 Unspecified HTML Injection Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98081

Avast! Antivirus CVE-2017-8308 Security Bypass Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98084

McAfee Security Scan Plus CVE-2016-8026 Unspecified Local Command Execution Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98068

illumos CVE-2016-6561 Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98079

eXtplorer CVE-2016-4313 Local Directory Traversal Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98069

YARA 'yara_yyparse()' Function Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98080

YARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98077

YARA CVE-2017-5924 Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98075

Multiple IBM Products CVE-2016-9693 Unspecified Arbitrary File Download Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98074

YARA CVE-2016-10211 Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98078

LibreSSL CVE-2017-8301 Certificate Validation Security Bypass Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98076

Multiple IBM Products CVE-2016-9723 Cross Site Scripting Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98073

YARA CVE-2017-8294 Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98072

GNOME gnome-shell CVE-2017-8288 Lock Screen Local Security Bypass Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98070

Jenkins CVE-2017-1000355 Denial of Service Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98066

Squirrelmail CVE-2017-7692 Command Injection Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98067

GE Multiple Products CVE-2017-7905 Weak Password Security Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98063

dpkg CVE-2017-8283 Directory Traversal Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98064

Jenkins CVE-2017-1000354 User Impersonation Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98065

Jenkins CVE-2017-1000356 Multiple Cross Site Request Forgery Vulnerabilities
2017-04-30
http://www.securityfocus.com/bid/98062

Oracle E-Business Suite CVE-2017-3342 Remote Security Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98061

Oracle E-Business Suite CVE-2017-3356 Remote Security Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98058

Oracle E-Business Suite CVE-2017-3347 Remote Security Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98060

Oracle E-Business Suite CVE-2017-3355 Remote Security Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98059

Jenkins Java Deserialization CVE-2017-1000353 Remote Code Execution Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98056

Mediawiki 'Parser::replaceInternalLinks2()' Method Cross-Site Scripting Vulnerability
2017-04-30
http://www.securityfocus.com/bid/98057

Avast! Antivirus CVE-2017-8307 Arbitrary File Deletion Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98086

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-04-29
http://www.securityfocus.com/bid/98085

symetrie CVE-2017-7386 Cross Site Scripting Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98082

Zabbix CVE-2017-2824 Command Injection Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98083

Zimbra Collaboration Suite CVE-2017-7288 Unspecified HTML Injection Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98081

Avast! Antivirus CVE-2017-8308 Security Bypass Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98084

McAfee Security Scan Plus CVE-2016-8026 Unspecified Local Command Execution Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98068

illumos CVE-2016-6561 Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98079

eXtplorer CVE-2016-4313 Local Directory Traversal Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98069

YARA 'yara_yyparse()' Function Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98080

YARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98077

YARA CVE-2017-5924 Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98075

Multiple IBM Products CVE-2016-9693 Unspecified Arbitrary File Download Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98074

YARA CVE-2016-10211 Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98078

LibreSSL CVE-2017-8301 Certificate Validation Security Bypass Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98076

Multiple IBM Products CVE-2016-9723 Cross Site Scripting Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98073

YARA CVE-2017-8294 Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98072

GNOME gnome-shell CVE-2017-8288 Lock Screen Local Security Bypass Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98070

Jenkins CVE-2017-1000355 Denial of Service Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98066

Squirrelmail CVE-2017-7692 Command Injection Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98067

GE Multiple Products CVE-2017-7905 Weak Password Security Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98063

dpkg CVE-2017-8283 Directory Traversal Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98064

Jenkins CVE-2017-1000354 User Impersonation Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98065

Jenkins CVE-2017-1000356 Multiple Cross Site Request Forgery Vulnerabilities
2017-04-29
http://www.securityfocus.com/bid/98062

Oracle E-Business Suite CVE-2017-3342 Remote Security Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98061

Oracle E-Business Suite CVE-2017-3356 Remote Security Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98058

Oracle E-Business Suite CVE-2017-3347 Remote Security Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98060

Oracle E-Business Suite CVE-2017-3355 Remote Security Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98059

Jenkins Java Deserialization CVE-2017-1000353 Remote Code Execution Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98056

Mediawiki 'Parser::replaceInternalLinks2()' Method Cross-Site Scripting Vulnerability
2017-04-29
http://www.securityfocus.com/bid/98057

SANS News

KNOW before NO

Threatpost

WikiLeaks Reveals CIA Tool ‘Scribbles’ For Document Tracking

Exploit

 

28.4.2017

Bugtraq

[security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution 2017-04-28
security-alert hpe com

[SECURITY] [DSA 3838-1] ghostscript security update 2017-04-28
Salvatore Bonaccorso (carnil debian org)

Apple iOS 10.2 & 10.3 - Control Panel Denial of Service Vulnerability 2017-04-28
Vulnerability Lab (research vulnerability-lab com)

Live Helper Chat - Cross-Site Scripting 2017-04-28
Advisories (advisories compass-security com)

[SECURITY] [DSA 3836-1] weechat security update 2017-04-27
Salvatore Bonaccorso (carnil debian org)

FreeBSD Security Advisory FreeBSD-SA-17:04.ipfilter 2017-04-27
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability 2017-04-26
Chris Douglas (cdouglas apache org)

April 2017 - Confluence - Security Advisory 2017-04-26
David Black (dblack atlassian com)

[SECURITY] [DSA 3834-1] mysql-5.5 security update 2017-04-25
Salvatore Bonaccorso (carnil debian org)

Malware

Trojan:Win32/Emotet.K 

Phishing

PayPal

28th April 2017

Last Reminder: Your account
will be limited until we hear
from you.

Tesco Bank

27th April 2017

ALERT FROM TESCO BANK

spoof

26th April 2017

Okay I might try that.

CardApprovalUSA

26th April 2017

Open a new credit account

Vulnerability

YARA 'yy_get_next_buffer()' Function Denial of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98077

YARA CVE-2017-8294 Denial of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98072

GNOME gnome-shell CVE-2017-8288 Lock Screen Local Security Bypass Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98070

Jenkins CVE-2017-1000355 Denial of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98066

Squirrelmail CVE-2017-7692 Command Injection Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98067

GE Multiple Products CVE-2017-7905 Weak Password Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98063

dpkg CVE-2017-8283 Directory Traversal Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98064

Jenkins CVE-2017-1000354 User Impersonation Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98065

Jenkins CVE-2017-1000356 Multiple Cross Site Request Forgery Vulnerabilities
2017-04-28
http://www.securityfocus.com/bid/98062

Oracle E-Business Suite CVE-2017-3342 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98061

Oracle E-Business Suite CVE-2017-3356 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98058

Oracle E-Business Suite CVE-2017-3347 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98060

Oracle E-Business Suite CVE-2017-3355 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98059

Jenkins Java Deserialization CVE-2017-1000353 Remote Code Execution Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98056

Mediawiki 'Parser::replaceInternalLinks2()' Method Cross-Site Scripting Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98057

Mediawiki 'Special:MyPage/common.css' Cross-Site Scripting Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98053

HP NonStop Servers CVE-2017-5803 Information Disclosure Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98052

Oracle E-Business Suite CVE-2017-3345 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98055

Oracle E-Business Suite CVE-2017-3434 Remote Security Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98054

EMC ResourcePak Base CVE-2017-4982 Local Privilege Escalation Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98049

Fortinet FortiOS CVE-2017-3127 Cross Site Scripting Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98048

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98050

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2017-04-28
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2017-04-28
http://www.securityfocus.com/bid/91081

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-28
http://www.securityfocus.com/bid/97940

IrfanView CVE-2017-2813 Integer Overflow Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98046

EMC Data Domain OS CVE-2017-4983 Local Privilege Escalation Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98047

Revive Adserver Multiple Security Vulnerabilities
2017-04-28
http://www.securityfocus.com/bid/83964

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2017-04-28
http://www.securityfocus.com/bid/91067

Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
2017-04-28
http://www.securityfocus.com/bid/51900

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2017-04-28
http://www.securityfocus.com/bid/67121

Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
2017-04-28
http://www.securityfocus.com/bid/83326

MyBB CVE-2017-8104 Directory Traversal Vulnerability
2017-04-28
http://www.securityfocus.com/bid/98045

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2017-04-28
http://www.securityfocus.com/bid/83423

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/95813

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2017-04-28
http://www.securityfocus.com/bid/89746

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2017-04-28
http://www.securityfocus.com/bid/89757

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2017-04-28
http://www.securityfocus.com/bid/89744

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2017-04-28
http://www.securityfocus.com/bid/89760

Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
2017-04-28
http://www.securityfocus.com/bid/69295

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-04-28
http://www.securityfocus.com/bid/91453

SANS News

Another Day, Another Obfuscation Technique

Threatpost

Attack Method Highlights Weaknesses in Microsoft CFG

The Time Has Arrived to Embrace Hackers


Chrome to Mark More HTTP Pages ‘Not Secure’

Lack of Communication Achilles’ Heel for Ransomware Fighters

ransomware-cyberespionage-dominate-verizon-dbir

Exploit

Mercurial - Custom hg-ssh Wrapper Remote Code Exec (Metasploit)

TYPO3 News Module - SQL Injection

Simple File Uploader - Arbitrary File Download

Easy File Uploader - Arbitrary File Upload

27.4.2017

Bugtraq

FreeBSD Security Advisory FreeBSD-SA-17:04.ipfilter 2017-04-27
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability 2017-04-26
Chris Douglas (cdouglas apache org)

April 2017 - Confluence - Security Advisory 2017-04-26
David Black (dblack atlassian com)

[SECURITY] [DSA 3834-1] mysql-5.5 security update 2017-04-25
Salvatore Bonaccorso (carnil debian org)

Malware

Backdoor.Miskip

Trojan.Pidief.X

Infostealer.Lokibot

Linux.Shishiga

Phishing

spoof

26th April 2017

Okay I might try that.

CardApprovalUSA

26th April 2017

Open a new credit account

Federal Bureau of Investigatio

26th April 2017

Executive Director FBI

Vulnerability

EMC ResourcePak Base CVE-2017-4982 Local Privilege Escalation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98049

Fortinet FortiOS CVE-2017-3127 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98048

Mozilla Network Security Services CVE-2017-5461 Memory Corruption Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98050

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/91081

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/97940

IrfanView CVE-2017-2813 Integer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98046

EMC Data Domain OS CVE-2017-4983 Local Privilege Escalation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98047

Revive Adserver Multiple Security Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/83964

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/91067

Apache Struts CVE-2012-1007 Multiple Cross Site Scripting Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/51900

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/67121

Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/83326

MyBB CVE-2017-8104 Directory Traversal Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98045

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/83423

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/95813

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/89746

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/89757

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/89744

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/89760

Apache Axis Incomplete Fix CVE-2014-3596 SSL Certificate Validation Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/69295

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/91453

cURL/libcURL CVE-2015-3236 Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/75385

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/93171

cURL/libcURL 'smb_request_state()' Function Security Vulnerability
2017-04-27
http://www.securityfocus.com/bid/75387

Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/83324

Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
2017-04-27
http://www.securityfocus.com/bid/83330

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/91068

Apache Tomcat Security Manager CVE-2016-0714 Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/83327

ISC BIND CVE-2016-9444 Remote Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/95393

ISC BIND CVE-2016-9147 Remote Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/95390

ISC BIND CVE-2016-9131 Remote Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/95386

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/94067

OpenIDM CVE-2017-7590 HTML Injection Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98044

Linux Kernel CVE-2016-3672 ASLR Implementation Local Security Weakness
2017-04-27
http://www.securityfocus.com/bid/85884

Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/78215

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/93188

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/92984

Exponent CMS CVE-2017-8085 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98043

Pillow CVE-2016-3076 Heap Buffer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98042

Vivaldi Installer CVE-2017-2156 DLL Loading Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98040

McAfee VirusScan Enterprise CVE-2016-8030 Memory Corruption Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98041

Lenovo System Update CVE-2015-8109 Local Privilege Escalation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98039

OpenText Documentum Content Server CVE-2017-7221 Incomplete Fix Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98038

Lenovo System Update CVE-2015-8110 Local Privilege Escalation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98037

BlackBerry Broadcom Wi-Fi Driver CVE-2016-2433 Arbitrary Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98034

Sierra Wireless AirLink Raven ICSA-17-115-02 Multiple Security Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/98036

aescrypt gem CVE-2013-7463 Multiple Security Bypass Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/98035

BLF-Tech LLC VisualView HMI CVE-2017-6051 DLL Loading Local Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98031

Hyundai Motor America Blue Link ICSA-17-115-03 Multiple Security Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/98033

Joomla! CVE-2017-8057 Multiple Full Path Information Disclosure Vulnerabilities
2017-04-27
http://www.securityfocus.com/bid/98028

OpenStack Keystone CVE-2017-2673 Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98032

Joomla! Core CVE-2017-7989 Arbitrary File Upload Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98029

IBM License Metric Tool and IBM BigFix Inventory CVE-2016-8962 Weak Password Security Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98030

IBM WebSphere Commerce CVE-2017-1170 Local Session Hijacking Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98027

Google Nexus Qualcomm Sound Driver CVE-2017-0586 Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/97357

Google Pixel Qualcomm Sound Codec Driver CVE-2016-10231 Privilege Escalation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/97402

Apache Hadoop CVE-2017-3161 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98025

IBM Domino CVE-2017-1274 Stack Buffer Overflow Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98019

Multiple IBM Products CVE-2016-8924 Session Hijacking Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98023

IBM UrbanCode Deploy CVE-2017-1149 XML External Entity Injection Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98026

Joomla! CVE-2017-7988 Security Bypass Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98022

Joomla! CVE-2017-7985 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98020

Joomla! CVE-2017-7986 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98024

Joomla! CVE-2017-7987 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98021

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-04-27
http://www.securityfocus.com/bid/96729

Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98017

Joomla! CVE-2017-7984 Cross Site Scripting Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98018

Joomla! CVE-2017-7983 Information Disclosure Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98016

QEMU CVE-2017-8112 Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/98015

OpenSSL CVE-2017-3733 Denial of Service Vulnerability
2017-04-27
http://www.securityfocus.com/bid/96269

SANS News

BGP Hijacking: The Internet is Still/Again Broken

Threatpost

Auto Lender Exposes Loan Data For Up To 1 Million Applicants

Lack of Security Talent Afflicts Healthcare

Air Force Hopes To Attract Hackers With Bug Bounty Program

Exploit

Microsoft Internet Explorer 11.576.14393.0 -...

Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery

Mercurial - Custom hg-ssh Wrapper Remote Code Exec (Metasploit)

TYPO3 News Module - SQL Injection

Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery

26.4.2017

Bugtraq

CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability 2017-04-26
Chris Douglas (cdouglas apache org)

April 2017 - Confluence - Security Advisory 2017-04-26
David Black (dblack atlassian com)

[SECURITY] [DSA 3834-1] mysql-5.5 security update 2017-04-25
Salvatore Bonaccorso (carnil debian org)

[slackware-security] mozilla-firefox (SSA:2017-114-01) 2017-04-24
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3833-1] libav security update 2017-04-24
Moritz Muehlenhoff (jmm debian org)

KL-001-2017-009 : Solarwinds LEM Database Listener with Hardcoded Credentials 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-008 : Solarwinds LEM Management Shell Arbitrary File Read 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-006 : Solarwinds LEM Privilege Escalation via Sudo Script Abuse 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-005 : Solarwinds LEM Privilege Escalation via Controlled Sudo Path 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

Malware

 

Phishing

Federal Bureau of Investigatio

26th April 2017

Executive Director FBI

Chase

24th April 2017

Chase Bank Online Access
Limitation!

NatWest CreditCard

24th April 2017

You Have One Security Message
From NatWest CreditCard

test@gamblingsale.ru test@gamb

24th April 2017

Unsuccessful login attempts

Vulnerability

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2017-04-26
http://www.securityfocus.com/bid/91319

Joomla! CVE-2017-7987 Cross Site Scripting Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98021

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-04-26
http://www.securityfocus.com/bid/96729

Apache Hadoop CVE-2017-3162 Input Validation Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98017

Joomla! CVE-2017-7984 Cross Site Scripting Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98018

Joomla! CVE-2017-7983 Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98016

QEMU CVE-2017-8112 Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98015

OpenSSL CVE-2017-3733 Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/96269

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/89760

HP OpenCall Media Platform Multiple Cross Site Scripting and Remote File Include Vulnerabilities
2017-04-26
http://www.securityfocus.com/bid/98013

Linux Kernel CVE-2017-7477 Heap Buffer Overflow Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98014

QEMU CVE-2017-8086 Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98012

RETIRED: Oracle Primavera Products CVE-2017-3508 Remote Security Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97889

Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97982

QuickHeal CVE-2015-8285 Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97996

Linux Kernel 'drivers/net/usb/catc.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98011

Linux Kernel CVE-2007-6761 Local Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98001

Google Android CVE-2016-0833 Unspecified Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98009

Linux Kernel 'drivers/hid/hid-cp2112.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98010

Linux Kernel 'drivers/net/usb/rtl8150.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98008

Opera Web Browser CVE-2016-4075 Address Bar Spoofing Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98004

Trend Micro OfficeScan Multiple Privilege Escalation and Cross Site Scripting Vulnerabilities
2017-04-26
http://www.securityfocus.com/bid/98007

Multiple IBM Products CVE-2015-0104 Unspecified Remote Code Execution Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97999

Portrait Displays SDK CVE-2017-3210 Local Privilege Escalation Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98006

IBM Cúram Social Program Management CVE-2016-9980 Unspecified Cross Site Scripting Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98005

Adobe Flex BlazeDS CVE-2017-3066 Remote Code Execution Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98003

Multiple IBM Products CVE-2015-0107 Directory Traversal Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97998

Linux Kernel 'drivers/net/usb/pegasus.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98000

Adobe ColdFusion CVE-2017-3008 Unspecified Cross Site Scripting Vulnerability
2017-04-26
http://www.securityfocus.com/bid/98002

Google Nexus Qualcomm Crypto Engine Driver CVE-2016-10230 Remote Code Execution Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97400

IBM Security Guardium CVE-2017-1122 Local Command Injection Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97995

Linux Kernel CVE-2017-8066 Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97992

Linux Kernel 'drivers/char/virtio_console.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97997

Linux Kernel 'crypto/ccm.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97994

Linux Kernel 'drivers/hid/hid-cp2112.c' Local Denial of Service Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97991

IBM Cúram Social Program Management CVE-2016-9979 Unspecified Cross Site Scripting Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97993

Palo Alto Networks PAN-OS CVE-2017-7216 Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97590

IBM Curam Social Program Management CVE-2016-9978 Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97990

Google Chrome Prior to 50.0.2661.94 Multiple Security Vulnerabilities
2017-04-26
http://www.securityfocus.com/bid/89106

IBM Curam Social Program Management CVE-2016-8923 Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97989

Google Chrome Prior to 57.0.2987.98 Multiple Security Vulnerabilities
2017-04-26
http://www.securityfocus.com/bid/96767

Red Hat OpenShift Enterprise CVE-2016-5409 Information Disclosure Vulnerability
2017-04-26
http://www.securityfocus.com/bid/97988

SANS News

If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again)

Threatpost

Zimperium Acquisition Program Publishes Exploits for Patched Android Bugs

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs

xDedic Market Spilling Over With School Servers, PCs

Atlassian Resets HipChat Passwords Following Breach

Exploit

Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution

Microsoft Office Word - Malicious Hta Execution (Metasploit)

Apple Safari - Array concat Memory Corruption

WePresent WiPG-1000 - Command Injection (Metasploit)

FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery

WordPress Plugin KittyCatfish 2.2 - SQL Injection

Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege...

PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH)

Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest...

25.4.2017

Bugtraq

[slackware-security] mozilla-firefox (SSA:2017-114-01) 2017-04-24
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3833-1] libav security update 2017-04-24
Moritz Muehlenhoff (jmm debian org)

KL-001-2017-009 : Solarwinds LEM Database Listener with Hardcoded Credentials 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-008 : Solarwinds LEM Management Shell Arbitrary File Read 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-006 : Solarwinds LEM Privilege Escalation via Sudo Script Abuse 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2017-005 : Solarwinds LEM Privilege Escalation via Controlled Sudo Path 2017-04-24
KoreLogic Disclosures (disclosures korelogic com)

CVE-2017-7221. OpenText Documentum Content Server: arbitrary code execution in dm_bp_transition.ebs docbase method 2017-04-24
Andrey B. Panfilov (andrew panfilov tel)

Re: CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution 2017-04-23
Dawid Golunski (dawid legalhackers com)

[slackware-security] ntp (SSA:2017-112-02) 2017-04-22
Slackware Security Team (security slackware com)

Malware

 

Phishing

Chase

24th April 2017

Chase Bank Online Access
Limitation!

NatWest CreditCard

24th April 2017

You Have One Security Message
From NatWest CreditCard

Vulnerability

Adobe Flex BlazeDS CVE-2017-3066 Remote Code Execution Vulnerability
2017-04-25
http://www.securityfocus.com/bid/98003

Multiple IBM Products CVE-2015-0107 Directory Traversal Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97998

Linux Kernel 'drivers/net/usb/pegasus.c' Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/98000

Adobe ColdFusion CVE-2017-3008 Unspecified Cross Site Scripting Vulnerability
2017-04-25
http://www.securityfocus.com/bid/98002

Google Nexus Qualcomm Crypto Engine Driver CVE-2016-10230 Remote Code Execution Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97400

IBM Security Guardium CVE-2017-1122 Local Command Injection Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97995

Linux Kernel CVE-2017-8066 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97992

Linux Kernel 'drivers/char/virtio_console.c' Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97997

Linux Kernel 'crypto/ccm.c' Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97994

Linux Kernel 'drivers/hid/hid-cp2112.c' Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97991

IBM Cúram Social Program Management CVE-2016-9979 Unspecified Cross Site Scripting Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97993

Palo Alto Networks PAN-OS CVE-2017-7216 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97590

IBM Curam Social Program Management CVE-2016-9978 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97990

Google Chrome Prior to 50.0.2661.94 Multiple Security Vulnerabilities
2017-04-25
http://www.securityfocus.com/bid/89106

IBM Curam Social Program Management CVE-2016-8923 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97989

Google Chrome Prior to 57.0.2987.98 Multiple Security Vulnerabilities
2017-04-25
http://www.securityfocus.com/bid/96767

Red Hat OpenShift Enterprise CVE-2016-5409 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97988

WeeChat CVE-2017-8073 Buffer Overflow Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97987

pcs CVE-2016-0720 Cross Site Request Forgery Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97984

Linux Kernel CVE-2010-5329 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97986

TP-Link TL-SG108E CVE-2017-8078 Security Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97985

TP-Link TL-SG108E CVE-2017-8075 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97983

TP-Link TL-SG108E CVE-2017-8074 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97981

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97982

podofo CVE-2017-7994 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97980

Shopware CVE-2016-3109 Arbitrary Code Execution Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97979

XOOPS CVE-2017-7944 Cross Site Scripting Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97978

pcs daemon CVE-2016-0721 Session Fixation Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97977

Linux Kernel CVE-2017-8064 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97975

NTP CVE-2016-7427 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/94447

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/94453

NTP CVE-2015-8158 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/81814

NTP CVE-2015-8138 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/81811

Linux Kernel CVE-2017-8062 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97973

NTP CVE-2016-7431 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/94454

Linux Kernel CVE-2017-8063 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97974

NTP CVE-2015-7979 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/81816

Cybozu Kintone App CVE-2016-1186 SSL Certificate Validation Security Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97976

NTP CVE-2015-7973 Security Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/81963

Linux Kernel CVE-2017-8061 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97972

QEMU 'hw/9pfs/9p-local.c' Privilege Escalation Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97970

NTP CVE-2016-9310 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/94452

Linux Kernel CVE-2017-7979 Local Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97969TP-Link TL-SG108E CVE-2017-8078 Security Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97985

TP-Link TL-SG108E CVE-2017-8075 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97983

TP-Link TL-SG108E CVE-2017-8074 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97981

Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97982

podofo CVE-2017-7994 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97980

Shopware CVE-2016-3109 Arbitrary Code Execution Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97979

XOOPS CVE-2017-7944 Cross Site Scripting Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97978

pcs daemon CVE-2016-0721 Session Fixation Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97977

Apache ActiveMQ CVE-2015-7559 Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97967

Perl YAML-LibYAML Module 'perl_libyaml.c' Multiple Format String Vulnerabilities
2017-04-25
http://www.securityfocus.com/bid/52381

Minicom CVE-2017-7467 Local Buffer Overflow Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97966

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/94444

Novell NetIQ Access Manager CVE-2017-5190 Remote Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97965

Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97971

Apache CXF CVE-2017-5653 Spoofing Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97968

infinispan CVE-2017-2638 Authentication Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97964

cURL/libcURL CVE-2017-7468 Remote Security Bypass Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97962

libbpg 'image_alloc()' Function Null Pointer Dereference Denial of Service Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97963

Atlassian Confluence CVE-2017-7415 Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97961

MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
2017-04-25
http://www.securityfocus.com/bid/97960

SANS News

Analysis of the Shadow Z118 PayPal phishing site

CAA Records and Certificate Issuance

Threatpost

Hard Target: Fileless Malware

Hyundai Patches Leaky Blue Link Mobile App

No Fix for SquirrelMail Remote Code Execution Vulnerability

Locky Ransomware Roars Back to Life Via Necurs Botnet

Original XPan Ransomware Returns, Targets Brazilian SMBs

Exploit

FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery

WordPress Plugin KittyCatfish 2.2 - SQL Injection

WordPress Plugin Car Rental System 2.5 - SQL Injection

WordPress Plugin Wow Viral Signups 2.1 - SQL Injection

WordPress Plugin Wow Forms 2.1 - SQL Injection

Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via...

Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection

HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion

Easy MOV Converter 1.4.24 - Local Buffer Overflow (SEH)

PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH)

Dell Customer Connect 1.3.28.0 - Privilege Escalation

24.4.2017

Bugtraq

 

Malware

 

Phishing

PayPal

23rd April 2017

Your account will be limited.

Tesco Bank

21st April 2017

Urgent Message From Tesco Secure

Chase

21st April 2017

New Notification from Chase

Dropbox team

20th April 2017

One Attached Document Via Dropbox

Vulnerability

Perl YAML-LibYAML Module 'perl_libyaml.c' Multiple Format String Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/52381

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/94444

Novell NetIQ Access Manager CVE-2017-5190 Remote Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97965

Apache CXF CVE-2017-5656 Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97971

Apache CXF CVE-2017-5653 Spoofing Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97968

infinispan CVE-2017-2638 Authentication Bypass Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97964

cURL/libcURL CVE-2017-7468 Remote Security Bypass Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97962

libbpg 'image_alloc()' Function Null Pointer Dereference Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97963

Atlassian Confluence CVE-2017-7415 Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97961

MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97960

MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97959

Google Chrome Prior to 58.0.3029.81 Multiple Security Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/97939

Multiple McAfee Products CVE-2017-4028 Local Code Injection Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97958

QEMU 'hw/display/cirrus_vga_rop.h' Multiple Memory Corruption Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/97957

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97956

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/97940

Pexip Infinity CVE-2017-6551 Remote Code Execution Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97954

Qemu 'hw/display/cirrus_vga.c' Remote Code Execution Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97955

Palo Alto Networks PAN-OS CVE-2017-7409 Cross Site Scripting Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97953

Nessus CVE-2017-7850 Local Privilege Escalation Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97952

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/95813

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/75156

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/75158

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/78626

OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/73225

OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/71937

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/61939

Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
2017-04-24
http://www.securityfocus.com/bid/52159

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2017-04-24
http://www.securityfocus.com/bid/71936

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-04-24
http://www.securityfocus.com/bid/91869

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/95814

Nessus CVE-2017-7849 Local Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97951

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97948

Linux Kernel CVE-2017-7645 Multiple Denial of Service Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/97950

Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97949

Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97945

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/71349

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2017-04-24
http://www.securityfocus.com/bid/66478

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2017-04-24
http://www.securityfocus.com/bid/65258

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-04-24
http://www.securityfocus.com/bid/97944

Splunk Enterprise and Lite Multiple Cross Site Scripting Vulnerabilities
2017-04-24
http://www.securityfocus.com/bid/97942

SANS News

Malicious Documents: A Bit Of News

Threatpost

SMSVova Spyware Hiding in ‘System Update’ App Ejected From Google Play Store

Exploit

SquirrelMail < 1.4.22 - Remote Code Execution

23.4.2017

Bugtraq

CVE-2017-7192: Starscream library before 2.0.4 allows SSL pinning bypass 2017-04-21
Security Advisories (security advisories centralway com)

[SECURITY] [DSA 3831-1] firefox-esr security update 2017-04-19
Moritz Muehlenhoff (jmm debian org)

[HITB-Announce] HITB GSEC 2017 CFP Closes April 30th 2017-04-19
Hafez Kamal (aphesz hackinthebox org)

October CMS v1.0.412 several vulnerabilities 2017-04-19
Anti Räis (antirais gmail com)

Malware

Trojan.Lodarat

Backdoor.Doublepulsar

Phishing

 

Vulnerability

Multiple McAfee Products CVE-2017-4028 Local Code Injection Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97958

QEMU 'hw/display/cirrus_vga_rop.h' Multiple Memory Corruption Vulnerabilities
2017-04-23
http://www.securityfocus.com/bid/97957

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97956

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-23
http://www.securityfocus.com/bid/97940

Pexip Infinity CVE-2017-6551 Remote Code Execution Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97954

Qemu 'hw/display/cirrus_vga.c' Remote Code Execution Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97955

Palo Alto Networks PAN-OS CVE-2017-7409 Cross Site Scripting Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97953

Nessus CVE-2017-7850 Local Privilege Escalation Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97952

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/95813

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/75156

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/75158

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-04-23
http://www.securityfocus.com/bid/78626

OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/73225

OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/71937

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2017-04-23
http://www.securityfocus.com/bid/61939

Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
2017-04-23
http://www.securityfocus.com/bid/52159

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2017-04-23
http://www.securityfocus.com/bid/71936

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-04-23
http://www.securityfocus.com/bid/91869

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-04-23
http://www.securityfocus.com/bid/95814

Nessus CVE-2017-7849 Local Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97951

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97948

Linux Kernel CVE-2017-7645 Multiple Denial of Service Vulnerabilities
2017-04-23
http://www.securityfocus.com/bid/97950

Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97949

Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97945

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/71349

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2017-04-23
http://www.securityfocus.com/bid/66478

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2017-04-23
http://www.securityfocus.com/bid/65258

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-04-23
http://www.securityfocus.com/bid/97944

Splunk Enterprise and Lite Multiple Cross Site Scripting Vulnerabilities
2017-04-23
http://www.securityfocus.com/bid/97942

Multiple McAfee Products CVE-2017-4028 Local Code Injection Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97958

QEMU 'hw/display/cirrus_vga_rop.h' Multiple Memory Corruption Vulnerabilities
2017-04-22
http://www.securityfocus.com/bid/97957

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97956

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-22
http://www.securityfocus.com/bid/97940

Pexip Infinity CVE-2017-6551 Remote Code Execution Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97954

Qemu 'hw/display/cirrus_vga.c' Remote Code Execution Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97955

Palo Alto Networks PAN-OS CVE-2017-7409 Cross Site Scripting Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97953

Nessus CVE-2017-7850 Local Privilege Escalation Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97952

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/95813

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/75156

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/75158

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-04-22
http://www.securityfocus.com/bid/78626

OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/73225

OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/71937

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2017-04-22
http://www.securityfocus.com/bid/61939

Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
2017-04-22
http://www.securityfocus.com/bid/52159

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2017-04-22
http://www.securityfocus.com/bid/71936

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-04-22
http://www.securityfocus.com/bid/91869

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-04-22
http://www.securityfocus.com/bid/95814

Nessus CVE-2017-7849 Local Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97951

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97948

Linux Kernel CVE-2017-7645 Multiple Denial of Service Vulnerabilities
2017-04-22
http://www.securityfocus.com/bid/97950

Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97949

Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97945

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/71349

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2017-04-22
http://www.securityfocus.com/bid/66478

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2017-04-22
http://www.securityfocus.com/bid/65258

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-04-22
http://www.securityfocus.com/bid/97944

Splunk Enterprise and Lite Multiple Cross Site Scripting Vulnerabilities
2017-04-22
http://www.securityfocus.com/bid/97942

SANS News

WTF tcp port 81

Threatpost

Mirai and Hajime Locked Into IoT Botnet Battle

Google Pleads for Better Cross-Border Exchange of Digital Evidence

Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug

Exploit

Linux/x86 - Egg-hunter Shellcode (18 bytes)

21.4.2017

Bugtraq

CVE-2017-7192: Starscream library before 2.0.4 allows SSL pinning bypass 2017-04-21
Security Advisories (security advisories centralway com)

[SECURITY] [DSA 3831-1] firefox-esr security update 2017-04-19
Moritz Muehlenhoff (jmm debian org)

[HITB-Announce] HITB GSEC 2017 CFP Closes April 30th 2017-04-19
Hafez Kamal (aphesz hackinthebox org)

October CMS v1.0.412 several vulnerabilities 2017-04-19
Anti Räis (antirais gmail com)

DefenseCode ThunderScan SAST Advisory: Ultimate Form Builder Cross-Site Scripting (XSS) Vulnerability 2017-04-19
DefenseCode (defensecode defensecode com)

CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands. 2017-04-19
Andrey B. Panfilov (andrew panfilov tel)

CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution 2017-04-19
Filippo Cavallarin (filippo cavallarin wearesegment com)

[slackware-security] minicom (SSA:2017-108-01) 2017-04-19
Slackware Security Team (security slackware com)

Malware

SMG.Ransom!gen

Trojan.Darkpulsar

Trojan.Lodarat

Phishing

Tesco Bank

21st April 2017

Urgent Message From Tesco Secure

Chase

21st April 2017

New Notification from Chase

Dropbox team

20th April 2017

One Attached Document Via Dropbox

AOL

20th April 2017

RETURNED MESSAGES

Apple ID

20th April 2017

YOUR APPLE ID INFORMATION HAS BEEN UPDATED

HSBC

20th April 2017

Confirm your email address

Vulnerability

QEMU 'hw/display/cirrus_vga_rop.h' Multiple Memory Corruption Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97957

ImageMagick CVE-2017-7943 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97956

Mozilla Firefox Multiple Security Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97940

Pexip Infinity CVE-2017-6551 Remote Code Execution Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97954

Qemu 'hw/display/cirrus_vga.c' Remote Code Execution Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97955

Palo Alto Networks PAN-OS CVE-2017-7409 Cross Site Scripting Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97953

Nessus CVE-2017-7850 Local Privilege Escalation Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97952

OpenSSL CVE-2017-3731 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/95813

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/75156

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/75158

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-04-21
http://www.securityfocus.com/bid/78626

OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/73225

OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/71937

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2017-04-21
http://www.securityfocus.com/bid/61939

Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
2017-04-21
http://www.securityfocus.com/bid/52159

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2017-04-21
http://www.securityfocus.com/bid/71936

Multiple Oracle Products CVE-2016-0635 Remote Security Vulnerability
2017-04-21
http://www.securityfocus.com/bid/91869

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-04-21
http://www.securityfocus.com/bid/95814

Nessus CVE-2017-7849 Local Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97951

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97948

Linux Kernel CVE-2017-7645 Multiple Denial of Service Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97950

Apache Traffic Server CVE-2017-5659 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97949

Apache Traffic Server CVE-2016-5396 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97945

LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/71349

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2017-04-21
http://www.securityfocus.com/bid/66478

LibYAML 'scanner.c' Remote Heap Based Buffer Overflow Vulnerability
2017-04-21
http://www.securityfocus.com/bid/65258

ImageMagick CVE-2017-7942 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97946

ImageMagick CVE-2017-7941 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97944

Splunk Enterprise and Lite Multiple Cross Site Scripting Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97942

Drupal CVE-2017-6919 Access Bypass Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97941

Google Chrome Prior to 58.0.3029.81 Multiple Security Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97939

Trend Micro InterScan Messaging Security Virtual Appliance Cross Site Scripting Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97938

Cisco Adaptive Security Appliance (ASA) Software CVE-2017-6608 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97937

Cisco ASA Software CVE-2017-6609 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97936

Cisco ASA Software CVE-2017-6610 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97934

Cisco IOS and IOS XE Software Multiple Denial of Service Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/97935

Cisco Adaptive Security Appliance (ASA) Software CVE-2017-6607 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97933

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/93149

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/92628

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2017-04-21
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2017-04-21
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/92117

Cisco Firepower System Software CVE-2016-6368 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97932

Cisco IOS XE Software CVE-2017-6615 Denial of Service Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97930

Cisco Prime Infrastructure CVE-2017-6611 Cross Site Scripting Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97931

Cisco Integrated Management Controller CVE-2017-6616 Remote Code Execution Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97928

Cisco Integrated Management Controller CVE-2017-6617 Session Hijacking Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97929

Cisco Integrated Management Controller CVE-2017-6618 Cross Site Scripting Vulnerability
2017-04-21
http://www.securityfocus.com/bid/97927

SANS News

Analysis of a Maldoc with Multiple Layers of Obfuscation

Threatpost

Stuxnet LNK Exploits Still Widely Circulated

20 Linksys Router Models Vulnerable To Attack

Google Fixes Unicode Phishing Vulnerability in Chrome 58, Firefox Standing Pat

Exploit

Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code...

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation

Microsoft Windows 10 10586 - IEETWCollector Arbitrary Directory/File Deletion...

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure'...

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'operationSpreadGeneric' Universal...

VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation

VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp...

VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege...

VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege...

VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write

20.4.2017

Bugtraq

[SECURITY] [DSA 3831-1] firefox-esr security update 2017-04-19
Moritz Muehlenhoff (jmm debian org)

[HITB-Announce] HITB GSEC 2017 CFP Closes April 30th 2017-04-19
Hafez Kamal (aphesz hackinthebox org)

October CMS v1.0.412 several vulnerabilities 2017-04-19
Anti Räis (antirais gmail com)

DefenseCode ThunderScan SAST Advisory: Ultimate Form Builder Cross-Site Scripting (XSS) Vulnerability 2017-04-19
DefenseCode (defensecode defensecode com)

CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands. 2017-04-19
Andrey B. Panfilov (andrew panfilov tel)

CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution 2017-04-19
Filippo Cavallarin (filippo cavallarin wearesegment com)

[slackware-security] minicom (SSA:2017-108-01) 2017-04-19
Slackware Security Team (security slackware com)

CVE-2017-7615 Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset 2017-04-18
apparitionsec gmail com (hyp3rlinx)

[CVE-2017-5661] Apache XML Graphics FOP information disclosure vulnerability 2017-04-18
Simon Steiner (simonsteiner1984 gmail com)

[ANNOUNCE] HPACK Bomb Attack vulnerability in ATS - CVE-2016-5396 2017-04-17
Bryan Call (bcall apache org)

Malware

 

Phishing

HSBC

20th April 2017

Confirm your email address

Vulnerability

VMware Workstation and Horizon Client CVE-2017-4913 Integer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97920

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2017-04-20
http://www.securityfocus.com/bid/93152

VMware Workstation and Horizon View Client CVE-2017-4912 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97921

IBM Cognos TM1 CVE-2016-3036 Denial of Service Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97918

VMware Workstation and Horizon View Client CVE-2017-4911 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97916

IBM Cognos TM1 CVE-2016-3037 Information Disclosure Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97917

IBM Cognos TM1 CVE-2016-3038 Cross Site Scripting Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97915

VMware Unified Access Gateway and Horizon View Heap Based Buffer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97914

VMware Workstation and Horizon View Client CVE-2017-4910 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97913

OpenSSL CVE-2016-6308 Denial of Service Vulnerability
2017-04-20
http://www.securityfocus.com/bid/93151

YUI 'SWF' File Multiple Cross-Site Scripting Vulnerabilities
2017-04-20
http://www.securityfocus.com/bid/56385

VMware Workstation and Horizon View Client CVE-2016-4908 Heap Based Buffer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97912

VMware Workstation and Horizon View Client CVE-2016-4909 Heap Based Buffer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97911

Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/96729

XStream CVE-2016-3674 XML External Entity Multiple Information Disclosure Vulnerabilities
2017-04-20
http://www.securityfocus.com/bid/85381

PHP 'zip_stream.c' Integer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92099

PHP '/xmlrpc/libxmlrpc/simplestring.c' Heap Buffer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92095

Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/93236

PHP 'snmp.c' Denial of Service Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92094

PHP CVE-2016-6294 Local Information Disclosure Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92115

PHP 'exif.c' NULL Pointer Dereference Denial of Service Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92078

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/93177

PHP 'exif_process_IFD_in_MAKERNOTE' Out of Bounds Read Information Disclosure Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92073

PHP 'zend_virtual_cwd.c' Integer Overflow Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92074

PHP 'php_url_parse_ex()' Function Memory Corruption Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92111

PHP 'session.c' Use After Free Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/92097

Oracle VM VirtualBox CVE-2017-3538 Local Security Bypass Vulnerability
2017-04-20
http://www.securityfocus.com/bid/97698

Apache Struts CVE-2016-4436 Security Bypass Vulnerability
2017-04-20
http://www.securityfocus.com/bid/91280

Apache Tomcat CVE-2016-8735 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/94463

BeanShell CVE-2016-2510 Remote Code Execution Vulnerability
2017-04-20
http://www.securityfocus.com/bid/84139

SANS News

DNS Query Length... Because Size Does Matter

Threatpost

Facebook Delegated Account Recovery SDKs Published for Java, Ruby Apps

IHG Confirms Second Credit Card Breach Impacting 1,000-Plus Hotels

Patched Flaw in Bosch Diagnostic Dongle Allowed Researchers to Shut Off Engine

Microsoft Touts New Phone-Based Login Mechanism

Exploit

Huawei HG532n - Command Injection (Metasploit)

19.4.2017

Bugtraq

DefenseCode ThunderScan SAST Advisory: Ultimate Form Builder Cross-Site Scripting (XSS) Vulnerability 2017-04-19
DefenseCode (defensecode defensecode com)

CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands. 2017-04-19
Andrey B. Panfilov (andrew panfilov tel)

CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution 2017-04-19
Filippo Cavallarin (filippo cavallarin wearesegment com)

[slackware-security] minicom (SSA:2017-108-01) 2017-04-19
Slackware Security Team (security slackware com)

CVE-2017-7615 Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset 2017-04-18
apparitionsec gmail com (hyp3rlinx)

[CVE-2017-5661] Apache XML Graphics FOP information disclosure vulnerability 2017-04-18
Simon Steiner (simonsteiner1984 gmail com)

[ANNOUNCE] HPACK Bomb Attack vulnerability in ATS - CVE-2016-5396 2017-04-17
Bryan Call (bcall apache org)

Watchguard Fireware XXE DoS & User Enumeration 2017-04-17
David Fernandez (david fdmv gmail com)

Malware

TrojanDownloader:Win32/Adload.DO

JS.Downloader.H

Phishing

 

Vulnerability

Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability
2017-04-19
http://www.securityfocus.com/bid/79091

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/75154

Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94462

Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94461

Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/93940

Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/93944

Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/93943

Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/93942

X.Org libXt CVE-2013-2005 Multiple Memory Corruption Vulnerabilities
2017-04-19
http://www.securityfocus.com/bid/60133

X.Org libXcursor '_XcursorFileHeaderCreate()' Function Remote Code Execution Vulnerability
2017-04-19
http://www.securityfocus.com/bid/60121

X.Org libXt '_XtResourceConfigurationEH()' Function Remote Code Execution Vulnerability
2017-04-19
http://www.securityfocus.com/bid/60137

X.Org libXi CVE-2013-1998 Multiple Remote Code Execution Vulnerabilities
2017-04-19
http://www.securityfocus.com/bid/60127

X.Org libXrender CVE-2013-1987 Multiple Remote Code Execution Vulnerabilities
2017-04-19
http://www.securityfocus.com/bid/60132

X.Org libXi 'XListInputDevices()' Memory Corruption Vulnerability
2017-04-19
http://www.securityfocus.com/bid/60124

cURL CVE-2016-8620 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94102

cURL CVE-2016-8619 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94100

cURL/libcURL CVE-2016-8617 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94097

cURL/libcURL CVE-2016-8618 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94098

cURL/libcURL CVE-2016-8616 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94094

cURL/libcURL CVE-2016-8615 Cookie Injection Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94096

cURL/libcurl CVE-2016-5421 Local Use After Free Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/92306

cURL/libcURL CVE-2016-5420 Certificate Validation Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/92309

cURL/libcURL CVE-2016-5419 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/92292

cURL CVE-2016-4802 DLL Loading Local Code Execution Vulnerability
2017-04-19
http://www.securityfocus.com/bid/90997

IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability
2017-04-19
http://www.securityfocus.com/bid/33065

Samba CVE-2015-5252 Symlink Vulnerability
2017-04-19
http://www.securityfocus.com/bid/79733

MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/96162

MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97023

OpenSSL CVE-2017-3730 NULL Pointer Dereference Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/95812

cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
2017-04-19
http://www.securityfocus.com/bid/94107

Oracle WebCenter Sites CVE-2017-3541 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97809

Oracle PeopleSoft Enterprise SCM eBill Payment CVE-2017-3571 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97909

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3520 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97908

Oracle WebCenter Sites CVE-2017-3602 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97823

Oracle WebCenter Sites CVE-2017-3598 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97905

Oracle PeopleSoft Enterprise FSCM CVE-2017-3570 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97906

Oracle WebCenter Sites CVE-2017-3603 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97907

Oracle PeopleSoft Enterprise CS Campus Community CVE-2017-3577 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97903

Oracle WebCenter Sites CVE-2017-3597 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97904

Oracle PeopleSoft Enterprise SCM Strategic Sourcing CVE-2017-3524 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97902

Oracle WebCenter Sites CVE-2017-3594 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97901

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3536 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97898

Oracle WebCenter Sites CVE-2017-3591 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97899

Oracle GlassFish Server CVE-2017-3626 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97896

Oracle PeopleSoft Enterprise FIN Receivables CVE-2017-3502 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97897

Oracle Primavera Unifier CVE-2017-3501 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97895

Oracle Primavera Products CVE-2017-3583 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97893

Oracle WebLogic Server CVE-2017-3531 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97894

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3547 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97892

Oracle Primavera Products CVE-2017-3503 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97891

Oracle Service Bus CVE-2017-3507 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97888

Oracle PeopleSoft Enterprise SCM eSupplier Connection CVE-2017-3522 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97890

Oracle Primavera Products CVE-2017-3508 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97889

Oracle Primavera Products CVE-2017-3579 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97886

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3519 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97885

Oracle WebCenter Sites CVE-2017-3595 Remote Security Vulnerability
2017-04-19
http://www.securityfocus.com/bid/97887

Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2017-04-19
http://www.securityfocus.com/bid/77524

Oracle PeopleSoft Enterprise SCM Service Procurement CVE-2017-3525 Remote Security Vulnerability
2017-04-19
http://w