Databáze Hot News - Rok - Úvod  2018  2017  2016  2015  2014  2013  - 1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  List  - 2018  2017  2016  2015  2014  2013 
Poslední aktualizace v 08.10.2016 14:19:38
 

12.11.2016

Bugtraq

Secunia Research: Microsoft Windows OTF Parsing Table Encoding Record Offset Vulnerability 2016-11-10
Secunia Research (remove-vuln secunia com)

CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser 2016-11-10
tallison apache org

Malware

W97M.Empstage

Trojan.Flokibot

Phishing

Wells Fargo Online

11th November 2016

Security Alert: Suspicious
Activity

Apple

11th November 2016

RE: UPDATE YOUR APPLE ID
ACCOUNT INFORMATION !

WELSFARGO

11th November 2016

ACCOUNT SECURITY RESPONSE
REQUIRE

CANADIAN PHARMACY

11th November 2016

DISCOUNT 35%

Vulnerebility

Multiple Huawei HG532 Routers CVE-2015-7254 Directory Traversal Vulnerability
2016-11-12
http://www.securityfocus.com/bid/77506

Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94274

PHP 'bzcompress()' Function Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94278

PHP '_php_imap_mail()' Function Integer Overflow Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94277

Docker Multiple Security Bypass Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94272

TYPO3 TC Directmail SQL Injection and Cross Site Scripting Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94276

PHP 'zend_symtable_clean()' Function Out of Bounds Read Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94275

TYPO3 HTML5 Video Player Extension Unspecified Cross Site Scripting Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94273

LibTIFF CVE-2016-9273 Heap Buffer Overflow Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94271

PHP 'gdImageScaleBilinearPalette()' Function Integer Overflow Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94270

Drupal D8 Editor File upload Module Cross Site Scripting Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94267

Drupal Workbench Moderation Module Information Disclosure Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94269

Foreman CVE-2016-8639 Multiple HTML Injection Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94263

Microsoft SQL Server CVE-2016-7250 Privilege Escalation Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94060

Teradata Virtual Machine Community Edition Multiple Security Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94262

IBM Resilient CVE-2016-6062 Unspecified Cross Site Scripting Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94268

PHP 'gdImageAALine()' Function Integer Overflow Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94265

Drupal Views Send Module Cross Site Scripting Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94266

F5 BIG-IP ASM CVE-2016-7472 Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94260

Linux Kernel CVE-2016-8645 Local Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94264

Exponent CMS CVE-2016-9272 SQL Injection Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94261

Computer Associates Service Desk Manager CVE-2016-9148 Cross Site Scripting Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94258

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94259

Teradata Studio Express CVE-2016-7490 Insecure Temporary File Creation Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94255

CA Unified Infrastructure Management Directory Traversal And Security Bypass Vulnerabilities
2016-11-12
http://www.securityfocus.com/bid/94257

Computer Associates Unified Infrastructure Management Directory Traversal Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94243

libming 'listmp3.c' Memory Corruption Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94254

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/73407

RETIRED: Palo Alto Networks PAN-OS Denial of Service Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94198

libming 'listmp3.c' Buffer Overflow Vulnerability
2016-11-12
http://www.securityfocus.com/bid/94251

SANS News

 

Threatpost

 

Exploit

 

11.11.2016

Bugtraq

Secunia Research: Microsoft Windows OTF Parsing Table Encoding Record Offset Vulnerability 2016-11-10
Secunia Research (remove-vuln secunia com)

CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser 2016-11-10
tallison apache org

Secunia Research: Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability 2016-11-10
Secunia Research (remove-vuln secunia com)

Secunia Research: Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability 2016-11-10
Secunia Research (remove-vuln secunia com)

WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details 2016-11-10
Berend-Jan Wever (berendj nwever nl)

Blind SQL Injection Vulnerability in Exponent CMS 2.4.0 2016-11-10
nickyccwu tencent com

MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details 2016-11-09
Berend-Jan Wever (berendj nwever nl)

Malware

Exp.CVE-2016-7255

Ransom.Telecrypt

TrojanSpy:MSIL/Omaneat.H!bit 
TrojanDropper:Win32/Sality!rfn 
Backdoor:MSIL/Geravib.A 
TrojanSpy:MSIL/Golroted.F 
TrojanSpy:Win32/Nivdort.DO 

Phishing

USAA

10th November 2016

Urgent - Incoming Payment On
Hold

Bank of America Alert

10th November 2016

Security Alert: Suspicious
Activity

Barclays

10th November 2016

Notification

USAA

10th November 2016

Account Mail Notice

PayPal

9th November 2016

WE'VE DISABLED YOUR ACCOUNT
DUE TO SUSPICIOUS ACTIVITY.

Vulnerebility

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94259

Teradata Studio Express CVE-2016-7490 Insecure Temporary File Creation Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94255

CA Unified Infrastructure Management Directory Traversal And Security Bypass Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94257

Computer Associates Unified Infrastructure Management Directory Traversal Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94243

libming 'listmp3.c' Memory Corruption Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94254

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/73407

RETIRED: Palo Alto Networks PAN-OS Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94198

libming 'listmp3.c' Buffer Overflow Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94251

Adobe Reader and Acrobat CVE-2016-4095 Memory Corruption Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94253

libming 'listmp3.c' Divide By Zero Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94252

Multiple I-O DATA Network Camera Products CVE-2016-7814 Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94250

Corega CG-WLBARGMH and CG-WLBARGNL Routers CVE-2016-7808 Cross Site Scripting Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94249

Corega CG-WLR300NX Multiple Security Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94248

Apache Tika CVE-2016-6809 Remote Code Execution Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94247

Dotclear CVE-2016-9268 Arbitrary File Upload Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94246

DokuWiki CVE-2016-7964 SSRF Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94245

MuJS Multiple Security Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94241

OpenSSL CVE-2016-7053 NULL Pointer Dereference Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94244

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94242

RealNetworks RealPlayer CVE-2016-9018 Null Pointer Dereference Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94239

Brocade NetIron OS CVE-2016-8203 Memory Corruption Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94232

F5 BIG-IP LTM Products CVE-2016-5745 Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94240

MuJS CVE-2016-7505 Buffer Overflow Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94231

DokuWiki CVE-2016-7965 Host Address Spoofing Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94237

libcsp Multiple Buffer Overflow Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94226

Micro Focus Rumba CVE-2016-9176 Multiple Local Stack Buffer Overflow Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94236

Bitcoin Knots CVE-2016-8889 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94235

OpenSSL CVE-2016-7054 Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94238

Python Pillow Multiple Security Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94234

Foreman CVE-2016-7077 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94230

DokuWiki CVE-2016-7964 SSRF Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94245

MuJS Multiple Security Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94241

OpenSSL CVE-2016-7053 NULL Pointer Dereference Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94244

Computer Associates Unified Infrastructure Management Directory Traversal Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94243

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94242

RealNetworks RealPlayer CVE-2016-9018 Null Pointer Dereference Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94239

Brocade NetIron OS CVE-2016-8203 Memory Corruption Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94232

F5 BIG-IP LTM Products CVE-2016-5745 Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94240

MuJS CVE-2016-7505 Buffer Overflow Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94231

DokuWiki CVE-2016-7965 Host Address Spoofing Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94237

libcsp Multiple Buffer Overflow Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94226

Micro Focus Rumba CVE-2016-9176 Multiple Local Stack Buffer Overflow Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94236

Bitcoin Knots CVE-2016-8889 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94235

OpenSSL CVE-2016-7054 Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94238

Python Pillow Multiple Security Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94234

Foreman CVE-2016-7077 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94230

Apache Ranger CVE-2016-6815 Local Privilege Escalation Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94221

Botan CVE-2016-8871 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94225

Docker CVE-2016-8867 Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94228

Exponent CMS SQL Injection and Security Bypass Vulnerabilities
2016-11-11
http://www.securityfocus.com/bid/94227

Citrix Receiver Desktop CVE-2016-9111 Local Authentication Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94229

MuJS CVE-2016-9136 Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94223

Redhat JBoss Enterprise Application Platform CVE-2016-7061 Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94222

JasPer CVE-2016-9262 Integer Overflow Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94224

perl-Image-Info CVE-2016-9181 XML External Entity Injection Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94220

SparkJava Spark CVE-2016-9177 Directory Traversal Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94218

Linux Kernel 'crypto/lrw.c' Local Denial of Service Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94217

perl-XML-Twig CVE-2016-9180 XML External Entity Injection Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94219

IBM BigFix Platform CVE-2016-0296 Local Information Disclosure Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94213

Python Cryptography CVE-2016-9243 Security Bypass Vulnerability
2016-11-11
http://www.securityfocus.com/bid/94216

SANS News

Benevolent malware? reincarna/Linux.Wifatch

Threatpost

OpenSSL Patches High-Severity Denial-of-Service Bug

BlackNurse Low-Volume DoS Attack Targets Firewalls

Yahoo Tells SEC It Knew About Data Breach in 2014

Siemens Discloses Local Privilege Escalation Bug in SCADA Gear

Signal Audit Reveals Protocol Cryptographically Sound

Exploit

Microsoft Internet Explorer 9-11 MSHTML -...

Microsoft WININET.dll - CHttp­Header­Parser::Parse­Status­Line Out-of-Bounds Read (M...

vBulletin 4.2.3 - SQL Injection

4Images 1.7.13 - SQL Injection

MyBB 1.8.6 - Cross-Site Scripting

10.11.2016

Bugtraq

WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details 2016-11-10
Berend-Jan Wever (berendj nwever nl)

Blind SQL Injection Vulnerability in Exponent CMS 2.4.0 2016-11-10
nickyccwu tencent com

MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details 2016-11-09
Berend-Jan Wever (berendj nwever nl)

[SECURITY] [DSA 3709-1] libxslt security update 2016-11-08
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03670 rev.1 - HPE Business Service Management (BSM) using Java Deserialization, Remote Code Execution 2016-11-08
security-alert hpe com

URL Redirection Vulnerability In Verint Impact 360 2016-11-08
sanehsingh controlcase com

Malware

 

Phishing

USAA

10th November 2016

Account Mail Notice

PayPal

9th November 2016

WE'VE DISABLED YOUR ACCOUNT
DUE TO SUSPICIOUS ACTIVITY.

Apple

9th November 2016

Your iTunes account will be
deactivated .

USAA

9th November 2016

USAA Security Preferences
Message

Vulnerebility

Lynx CVE-2016-9179 URL Redirection Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94215

Linux Kernel CVE-2016-8632 Local Heap Overflow Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94211

Google Nexus Qualcomm Crypto Engine Driver CVE-2016-6738 Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94208

Google Nexus Mediaserver CVE-2016-6747 Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94212

Google Android Qualcomm Bus Driver CVE-2016-3904 Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94210

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/93793

Google Pixel C NVIDIA GPU driver CVE-2016-6746 Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94209

Linux Kernel CVE-2015-8963 Use After Free Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94207

Foreman CVE-2016-8634 HTML Injection Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94206

OpenStack Heat Template URL CVE-2016-9185 Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94205

Google Android CVE-2016-6754 Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94204

Linux Kernel 'tuners/tuner-xc2028.c' Local Use After Free Memory Corruption Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94201

Google Android Kernel ION Subsystem Multiple Remote Privilege Escalation Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94202

Google Nexus Qualcomm Bootloader CVE-2016-6729 Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94203

Linux kernel 'usb/gadget/function/f_fs.c' Use After Free Local Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94197

Palo Alto Networks PAN-OS Cross Site Scripting Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94200

Palo Alto Networks PAN-OS Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94198

Palo Alto Networks PAN-OS Security Bypass Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94199

Google Chrome Multiple Security Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94196

HPE Network Node Manager i (NNMi) Multiple Security vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94195

Moodle CVE-2016-9186 Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94190

Moodle CVE-2016-9187 Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94191

Google Android Bluetooth CVE-2016-6719 Remote Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94179

Exponent CMS CVE-2016-9242 Multiple SQL Injection Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94194

Adobe Flash Player CVE-2016-7020 Use After Free Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94192

IBM BigFix Platform CVE-2016-0214 Unspecified Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94193

Moodle CVE-2016-9188 Multiple Cross Site Scripting Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94189

Linux Kernel CVE-2015-8962 Memory Corruption Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94187

HP Business Service Management Software CVE-2016-4405 Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94183

HP KeyView Multiple Security Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94184
 

HPE Network Node Manager i (NNMi) Multiple Security vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94195

Moodle CVE-2016-9186 Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94190

Moodle CVE-2016-9187 Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94191

Google Android Bluetooth CVE-2016-6719 Remote Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94179

Exponent CMS CVE-2016-9242 Multiple SQL Injection Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94194

Adobe Flash Player CVE-2016-7020 Use After Free Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94192

IBM BigFix Platform CVE-2016-0214 Unspecified Arbitrary File Upload Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94193

Moodle CVE-2016-9188 Multiple Cross Site Scripting Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94189

Linux Kernel CVE-2015-8962 Memory Corruption Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94187

HP Business Service Management Software CVE-2016-4405 Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94183

HP KeyView Multiple Security Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94184

Google Android Input Manager Service CVE-2016-6724 Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94180

Google Android Proxy Auto Config CVE-2016-6723 Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94185

Google Android Mediaserver CVE-2016-6717 Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94178

FortiWLC CVE-2016-8491 Hardcoded Account Security Bypass Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94186

IBM BigFix Platform CVE-2016-0297 Man in the Middle Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94188

Google Nexus Qualcomm Crypto Driver CVE-2016-6725 Remote Code Execution Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94182

SAP Hybris E-commerce Suite VirtualJDBC SQL Injection Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94181

Multiple NVIDIA Products Multiple Local Privilege Escalation Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94177

SAP Message Server HTTP Daemon Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94176

Google Android Account Manager Service CVE-2016-6718 Local Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94175

Multiple NVIDIA Products GPU Display Driver Multiple Local Privilege Escalation Vulnerabilities
2016-11-10
http://www.securityfocus.com/bid/94172

Google Android Framework APIs CVE-2016-6715 Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94173

Google Android AOSP Launcher CVE-2016-6716 Local Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94171

SAP NetWeaver Java AS 'Webdynpro' Component Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94174

Google Android Bluetooth CVE-2014-9908 Denial of Service Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94167

Google Android Download Manager CVE-2016-6710 Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94170

Google Android Conscrypt CVE-2016-6709 Information Disclosure Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94169

Google Android CVE-2016-6708 Local Privilege Escalation Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94166

Google Android Skia CVE-2016-6701 Memory Corruption Vulnerability
2016-11-10
http://www.securityfocus.com/bid/94162

SANS News

November 2016 Microsoft Patch Day

Packet Capture Options

Threatpost

Google to Red Flag ‘Repeat Offender’ Websites

Locky Targets OPM Breach Victims
OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking

Exploit

Microsoft Windows Kernel - win32k Denial of Service (MS16-135)

Microsoft Windows - LSASS SMB NTLM Exchange Null-Pointer Dereference (MS16-137)

VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

Adobe Connect 9.5.7 - Cross-Site Scripting

9.11.2016

Bugtraq

Cross-Site Scripting in Calendar WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)

Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)

Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin 2016-11-08
Summer of Pwnage (lists securify nl)

Cross Site Scripting Vulnerability In Verint Impact 360 2016-11-08
sanehsingh controlcase com

Malware

Trojan:Win32/Barlaiy.A!dha 
TrojanDropper:Win32/Barlaiy.A!dha 
Win32/SupTab 

Phishing

Santander

8th November 2016

NEW SECURITY PRECAUTIONS

AOL

8th November 2016

Update

Bank of America

8th November 2016

Security Alerts

Paypal Service

8th November 2016

Your account has been limited
Please update Your information

REGIONS

8th November 2016

New 15 Important Message From
REGIONS "howiem@bigfoot.com"

Vulnerebility

Google Android Conscrypt CVE-2016-6709 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94169

Google Android CVE-2016-6708 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94166

Google Android Skia CVE-2016-6701 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94162

Google Android System Server CVE-2016-6707 Remote Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94164

Google Android Runtime Library CVE-2016-6703 Remote Code Execution Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94161

Google Android libjpeg CVE-2016-6702 Remote Code Execution Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94160

Phoenix Contact ILC PLC Authentication Bypass and Information Disclosure Vulnerabilities
2016-11-09
http://www.securityfocus.com/bid/94163

Multiple Siemens Products CVE-2016-7165 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94158

OSIsoft PI System CVE-2016-8365 Local Denial of Service Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94165

Adobe Flash Player Type Confusion Multiple Remote Code Execution Vulnerabilities
2016-11-09
http://www.securityfocus.com/bid/94151

Adobe Flash Player APSB16-37 Multiple Remote Code Execution Vulnerabilities
2016-11-09
http://www.securityfocus.com/bid/94153

Google Android libzipfile CVE-2016-6700 Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94159

Google Android Mediaserver CVE-2016-6699 Remote Code Execution Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94157

Microsoft Edge CVE-2016-7204 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93970

Microsoft Office CVE-2016-7234 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94020

Microsoft Office CVE-2016-7233 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94031

Microsoft Office CVE-2016-7235 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94022

Microsoft Office CVE-2016-7244 Denial of Service Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94029

Microsoft Office CVE-2016-7236 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94025

Microsoft Office CVE-2016-7213 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93993

Microsoft Office CVE-2016-7228 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93994

Microsoft Office CVE-2016-7245 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94026

Microsoft Office CVE-2016-7231 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93996

Microsoft Office CVE-2016-7229 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93995

Microsoft Office CVE-2016-7232 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94005

Microsoft Office CVE-2016-7230 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94006

Microsoft Windows CVE-2016-7226 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94018

Microsoft Windows CVE-2016-7184 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94015

Microsoft Internet Explorer and Edge CVE-2016-7241 Remote Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94055

Microsoft Internet Explorer and Edge CVE-2016-7199 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94057
 

Microsoft Edge CVE-2016-7204 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93970

Microsoft Office CVE-2016-7234 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94020

Microsoft Office CVE-2016-7233 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94031

Microsoft Office CVE-2016-7235 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94022

Microsoft Office CVE-2016-7244 Denial of Service Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94029

Microsoft Office CVE-2016-7236 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94025

Microsoft Office CVE-2016-7213 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93993

Microsoft Office CVE-2016-7228 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93994

Microsoft Office CVE-2016-7245 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94026

Microsoft Office CVE-2016-7231 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93996

Microsoft Office CVE-2016-7229 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/93995

Microsoft Office CVE-2016-7232 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94005

Microsoft Office CVE-2016-7230 Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94006

Microsoft Windows CVE-2016-7226 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94018

Microsoft Windows CVE-2016-7184 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94015

Microsoft Internet Explorer and Edge CVE-2016-7241 Remote Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94055

Microsoft Internet Explorer and Edge CVE-2016-7199 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94057

Microsoft Windows CVE-2016-3343 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94007

Microsoft Internet Explorer and Edge CVE-2016-7227 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94065

Microsoft Internet Explorer and Edge CVE-2016-7198 Remote Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94053

Microsoft Internet Explorer and Edge CVE-2016-7195 Remote Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94052

Microsoft Internet Explorer and Edge CVE-2016-7196 Remote Memory Corruption Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94051

Microsoft Windows CVE-2016-3342 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94013

Microsoft Edge and Internet Explorer XSS Filter CVE-2016-7239 Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94059

Microsoft Windows CVE-2016-7237 Denial of Service Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94040

Microsoft Windows NTLM CVE-2016-7238 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94045

Microsoft Windows Virtual Secure Mode CVE-2016-7220 Local Information Disclosure Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94036

Microsoft Windows CVE-2016-3340 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94010

Microsoft Windows Boot Manager CVE-2016-7247 Local Security Bypass Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94058

Microsoft Windows Kernel CVE-2016-7216 Local Privilege Escalation Vulnerability
2016-11-09
http://www.securityfocus.com/bid/94048

SANS News

November 2016 Microsoft Patch Day

Threatpost

Adobe Patches Nine Code Execution Flaws in Flash Player

Google Releases Supplemental Patch for Dirty Cow Vulnerability

TrickBot Banking Trojan Adds New Browser Manipulation Tools

Exploit

 

8.11.2016

Bugtraq

[SECURITY] [DSA 3707-1] openjdk-7 security update 2016-11-07
Moritz Muehlenhoff (jmm debian org)

[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow 2016-11-07
Pedro Ribeiro (pedrib gmail com)

[security bulletin] HPSBGN03643 rev.1 - HPE KeyView using Filter SDK, Remote Code Execution 2016-11-07
security-alert hpe com

Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)

Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)

Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability 2016-11-07
Vulnerability Lab (research vulnerability-lab com)

Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
iedb team gmail com

Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
iedb team gmail com

WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow 2016-11-05
apparitionsec gmail com/hyp3rlinx

Axessh 4.2.2 Denial Of Service 2016-11-05
apparitionsec gmail com/hyp3rlinx

Rapid PHP Editor CSRF Remote Command Execution 2016-11-05
apparitionsec gmail com/hyp3rlinx

[security bulletin] HPSBGN03656 rev.1 - HPE Network Node Manager i (NNMi) Software using Java Deserialization, Remote Arbitrary Code Execution and Cross-Site Scripting 2016-11-04
security-alert hpe com

Malware

 

Phishing

Bank of America

8th November 2016

Security Alerts

Paypal Service

8th November 2016

Your account has been limited
Please update Your information

REGIONS

8th November 2016

New 15 Important Message From
REGIONS "howiem@bigfoot.com"

service PayPal

7th November 2016

UPDATE REQUIRED : PAYPAL

Root User

7th November 2016

YOU HAVE A PROBLEM WITH YOUR
PAYPAL ACCOUNT (ACCOUNT
LIMITED)

Vulnerebility

Google Android Qualcomm Components Multiple Information Disclosure Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94139

Google Nexus Qualcomm Camera Driver Multiple Privilege Escalation Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94142

Google Android Mediaserver Multiple Information Disclosure Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94143

Google Pixel C NVIDIA GPU Driver Multiple Privilege Escalation Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94140

Google Android Mediaserver Multiple Privilege Escalation Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94134

Google Android Mediaserver Multiple Denial of Service Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94137

GitLab CVE-2016-9086 Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94136

Linux kernel Local Use After Free Multiple Denial of Service Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94135

Google Android 'Qualcomm' components Multiple Unspecified Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94133

Linux Kernel Multiple Information Disclosure Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94138

Google Nexus Synaptics Touchscreen Driver Multiple Privilege Escalation Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94131

Terminology CVE-2015-8971 Arbitrary Command Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94132

Linux Kernel CVE-2016-9191 Local Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94129

Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94130

Dracut CVE-2016-8637 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94128

Multiple Pivotal Products CVE-2016-6657 Unspecified Open Redirection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94126

Exponent CMS Multiple SQL Injection Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94127

GMER CVE-2016-4289 Stack Buffer Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94124

Zabbix CVE-2016-9140 Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94125

Cisco Prime Collaboration Provisioning CVE-2016-6451 Multiple Cross Site Scripting Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93917

Square git-fastclone Multiple Remote Command Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/81433

Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94121

SAP Adaptive Server Enterprise SQL Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/92950

Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94120

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93849

phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94118

phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94117

Adobe Acrobat and Reader CVE-2016-6938 Use-After-Free Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/93016

Apple iOS and macOS CVE-2016-7613 Local Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94116

phpMyAdmin CVE-2016-6613 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94115
 

Linux Kernel CVE-2016-9191 Local Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94129

Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94130

Dracut CVE-2016-8637 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94128

Multiple Pivotal Products CVE-2016-6657 Unspecified Open Redirection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94126

Exponent CMS Multiple SQL Injection Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94127

GMER CVE-2016-4289 Stack Buffer Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94124

Zabbix CVE-2016-9140 Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94125

Cisco Prime Collaboration Provisioning CVE-2016-6451 Multiple Cross Site Scripting Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93917

Square git-fastclone Multiple Remote Command Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/81433

Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94121

SAP Adaptive Server Enterprise SQL Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/92950

Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94120

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93849

phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94118

phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94117

Adobe Acrobat and Reader CVE-2016-6938 Use-After-Free Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/93016

Apple iOS and macOS CVE-2016-7613 Local Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94116

phpMyAdmin CVE-2016-6613 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94115

phpMyAdmin CVE-2016-6609 PHP Code Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94112

phpMyAdmin CVE-2016-6606 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94114

phpMyAdmin CVE-2016-6612 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94113

WebKit CVE-2016-4677 Memory Corruption Vulnerability
2016-11-08
http://www.securityfocus.com/bid/93853

Apple macOS Prior to 10.12.1 Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93852

HP System Management Homepage Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93961

Redis CVE-2016-2121 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94111

Red Hat OpenShift Enterprise CVE-2016-8631 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94110

Ansible CVE-2016-8628 Remote Command Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94109

Ansible CVE-2016-8614 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94108

cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94107

cURL/libcURL CVE-2016-8623 Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94106
 

Linux Kernel CVE-2016-9191 Local Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94129

Multiple D-Link DIR Routers CVE-2016-6563 Remote Stack Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94130

Dracut CVE-2016-8637 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94128

Multiple Pivotal Products CVE-2016-6657 Unspecified Open Redirection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94126

Exponent CMS Multiple SQL Injection Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/94127

GMER CVE-2016-4289 Stack Buffer Overflow Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94124

Zabbix CVE-2016-9140 Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94125

Cisco Prime Collaboration Provisioning CVE-2016-6451 Multiple Cross Site Scripting Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93917

Square git-fastclone Multiple Remote Command Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/81433

Exponent CMS CVE-2016-7095 Arbitrary File Upload Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94121

SAP Adaptive Server Enterprise SQL Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/92950

Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94120

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93849

phpMyAdmin CVE-2016-6610 Full Path Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94118

phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94117

Adobe Acrobat and Reader CVE-2016-6938 Use-After-Free Remote Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/93016

Apple iOS and macOS CVE-2016-7613 Local Code Execution Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94116

phpMyAdmin CVE-2016-6613 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94115

phpMyAdmin CVE-2016-6609 PHP Code Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94112

phpMyAdmin CVE-2016-6606 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94114

phpMyAdmin CVE-2016-6612 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94113

WebKit CVE-2016-4677 Memory Corruption Vulnerability
2016-11-08
http://www.securityfocus.com/bid/93853

Apple macOS Prior to 10.12.1 Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93852

HP System Management Homepage Multiple Security Vulnerabilities
2016-11-08
http://www.securityfocus.com/bid/93961

Redis CVE-2016-2121 Local Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94111

Red Hat OpenShift Enterprise CVE-2016-8631 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94110

Ansible CVE-2016-8628 Remote Command Injection Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94109

Ansible CVE-2016-8614 Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94108

cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94107

cURL/libcURL CVE-2016-8623 Information Disclosure Vulnerability
2016-11-08
http://www.securityfocus.com/bid/94106

SANS News

 

Threatpost

Clever Gmail Hack Let Attackers Take Over Accounts
Microsoft Tears off the Band-Aid with EMET

Tesco Bank Stops Online Transactions After Money Missing from 20K Accounts

Risk of Election Day Cyberattacks Low According To Experts

Exploit

 

7.11.2016

Bugtraq

 

Malware

BrowserModifier:Win32/SupTab 
BrowserModifier:Win32/SupTab!blnk 
Win32/SupTab 
PWS:Win32/Dyzap.X 
TrojanDownloader:Win32/Misfox 
Backdoor:Win32/Kreen.A!bit 
TrojanDropper:Win32/Evotob.AC 
TrojanDropper:Win32/Randrew!rfn 
TrojanDropper:Win32/Randrew.A!bit 

Phishing

Root User

7th November 2016

YOU HAVE A PROBLEM WITH YOUR
PAYPAL ACCOUNT (ACCOUNT
LIMITED)

SUPPORT

6th November 2016

AMAZON ACCOUNT : Failed to
verify your account Amazon
10/29/2016 12:19:35

NET_FLIX

6th November 2016

CHECK YOUR ACCOUNT !

Vulnerebility

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/93849

phpMyAdmin CVE-2016-6611 SQL-Injection Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94117

Adobe Acrobat and Reader CVE-2016-6938 Use-After-Free Remote Code Execution Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93016Apple

macOS Prior to 10.12.1 Multiple Security Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/93852

HP System Management Homepage Multiple Security Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/93961

Redis CVE-2016-2121 Local Information Disclosure Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94111

Red Hat OpenShift Enterprise CVE-2016-8631 Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94110

Ansible CVE-2016-8628 Remote Command Injection Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94109

cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94107

cURL/libcURL CVE-2016-8623 Information Disclosure Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94106

cURL/libcURL CVE-2016-8622 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94105

cURL CVE-2016-8620 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94102

cURL/libcURL CVE-2016-8624 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94103

cURL/libcURL CVE-2016-8621 Information Disclosure Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94101

cURL CVE-2016-8619 Remote Security Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94100

Gajim OTR Plugin CVE-2016-9107 Information Disclosure Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94099

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93793

cURL/libcURL CVE-2016-8618 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94098

cURL/libcURL CVE-2016-8617 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94097

cURL/libcURL CVE-2016-8615 Cookie Injection Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94096

cURL/libcURL CVE-2016-8616 Remote Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94094

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93964

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93955

Schneider Electric ION Power Meter Unspecified Cross Site Request Forgery Vulnerability
2016-11-07
http://www.securityfocus.com/bid/92916

Schneider Electric Magelis HMI Multiple Denial of Service Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/94093

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93962

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-07
http://www.securityfocus.com/bid/93957

IBM AIX CVE-2016-6079 Unspecified Local Privilege Escalation Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94090

Moxa OnCell Series Products Authentication Bypass and OS Command Execution Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/94092

Schneider Electric ION CVE-2016-5815 Series Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94091

OpenStack Compute (Nova) CVE-2016-2140 Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/84277

JPKI Client Software CVE-2016-4902 DLL Loading Remote Code Execution Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94087

I-O DATA DEVICE WFS-SR01 Multiple Security Vulnerabilities
2016-11-07
http://www.securityfocus.com/bid/94089

Multiple Samsung Galaxy Product CVE-2016-7991 Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94088

Multiple Samsung Galaxy Devices CVE-2016-7990 Integer Overflow Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94086

mobiGate App CVE-2016-7805 SSL Certificate Validation Security Bypass Vulnerability
2016-11-07
http://www.securityfocus.com/bid/94085

SANS News

Hancitor Maldoc Bypasses Application Whitelisting

Threatpost

 

Exploit

 

5.11.2016

Bugtraq

[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02
security-alert hpe com

Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

VBS.Downloader.B

JS.Downloader.D

Backdoor.Bitral

Phishing

pppaypal

6th November 2016

ACCOUNT NOTIFICATION

PayPal.Service

5th November 2016

PLEASE UPDATE YOUR ACCOUNT
INFORMATION !

Microsoft

4th November 2016

Support

Vulnerebility

cURL/libcURL CVE-2016-8623 Information Disclosure Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94106

cURL/libcURL CVE-2016-8622 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94105

cURL CVE-2016-8620 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94102

cURL/libcURL CVE-2016-8624 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94103

cURL/libcURL CVE-2016-8621 Information Disclosure Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94101

cURL CVE-2016-8619 Remote Security Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94100

Gajim OTR Plugin CVE-2016-9107 Information Disclosure Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94099

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93793

cURL/libcURL CVE-2016-8618 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94098

cURL/libcURL CVE-2016-8617 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94097

cURL/libcURL CVE-2016-8615 Cookie Injection Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94096

cURL/libcURL CVE-2016-8616 Remote Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94094

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93964

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93955

Schneider Electric ION Power Meter Unspecified Cross Site Request Forgery Vulnerability
2016-11-05
http://www.securityfocus.com/bid/92916

Schneider Electric Magelis HMI Multiple Denial of Service Vulnerabilities
2016-11-05
http://www.securityfocus.com/bid/94093

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93962

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-05
http://www.securityfocus.com/bid/93957

IBM AIX CVE-2016-6079 Unspecified Local Privilege Escalation Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94090

Moxa OnCell Series Products Authentication Bypass and OS Command Execution Vulnerabilities
2016-11-05
http://www.securityfocus.com/bid/94092

Schneider Electric ION CVE-2016-5815 Series Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94091

OpenStack Compute (Nova) CVE-2016-2140 Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/84277

JPKI Client Software CVE-2016-4902 DLL Loading Remote Code Execution Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94087

I-O DATA DEVICE WFS-SR01 Multiple Security Vulnerabilities
2016-11-05
http://www.securityfocus.com/bid/94089

Multiple Samsung Galaxy Product CVE-2016-7991 Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94088

Multiple Samsung Galaxy Devices CVE-2016-7990 Integer Overflow Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94086

mobiGate App CVE-2016-7805 SSL Certificate Validation Security Bypass Vulnerability
2016-11-05
http://www.securityfocus.com/bid/94085

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-05
http://www.securityfocus.com/bid/93608

SANS News

Full Packet Capture for Dummies

Hancitor Maldoc Bypasses Application Whitelisting

Threatpost

Half of Chrome Pageloads are HTTPS

Commodity ‘Exaspy’ Spyware Found Targeting High-Level Execs

Inside the RIG Exploit Kit

Exploit

 

4.11.2016

Bugtraq

[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02
security-alert hpe com

Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)

Malware

PUA:Win32/Reimage 

SoftwareBundler:Win32/Techrelinst (

Backdoor:Win32/Buhtrap.A!dha 
SoftwareBundler:Win32/Techrelinst 

Phishing

Microsoft

4th November 2016

Support

Bank of

3rd November 2016

Bank of America Account Update
& Security Maintenance

Wells Fargo

2nd November 2016

Your funds transfer to another
customer

Vulnerebility

cURL/libcURL CVE-2016-8615 Cookie Injection Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94096

cURL/libcURL CVE-2016-8616 Remote Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94094

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93964

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93955

Schneider Electric ION Power Meter Unspecified Cross Site Request Forgery Vulnerability
2016-11-04
http://www.securityfocus.com/bid/92916

Schneider Electric Magelis HMI Multiple Denial of Service Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94093

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93962

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93957

IBM AIX CVE-2016-6079 Unspecified Local Privilege Escalation Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94090

Moxa OnCell Series Products Authentication Bypass and OS Command Execution Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94092

Schneider Electric ION CVE-2016-5815 Series Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94091

OpenStack Compute (Nova) CVE-2016-2140 Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/84277

JPKI Client Software CVE-2016-4902 DLL Loading Remote Code Execution Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94087

I-O DATA DEVICE WFS-SR01 Multiple Security Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94089

Multiple Samsung Galaxy Product CVE-2016-7991 Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94088

Multiple Samsung Galaxy Devices CVE-2016-7990 Integer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94086

mobiGate App CVE-2016-7805 SSL Certificate Validation Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94085

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/93608

Memcached Multiple Integer Overflow Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94083

Multiple Samsung Galaxy Devices CVE-2016-7989 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94082

Samsung Mobile Phones CVE-2016-7988 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94081

Google V8 CVE-2016-5198 Unspecified Security Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94079

Cisco Meeting Server CVE-2016-6448 Buffer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94076

Google Chrome Information Disclosure and Security Bypass Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94078

Cisco Application Policy Infrastructure Controller CVE-2016-6457 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94077

Cisco TelePresence Endpoints CVE-2016-6459 Local Command Injection Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94075

Cisco Meeting Server and Meeting App CVE-2016-6447 Buffer Underflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94073

Cisco AsyncOS CVE-2016-6458 Remote Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94074OpenStack Compute (Nova) CVE-2016-2140 Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/84277

JPKI Client Software CVE-2016-4902 DLL Loading Remote Code Execution Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94087

I-O DATA DEVICE WFS-SR01 Multiple Security Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94089

Multiple Samsung Galaxy Product CVE-2016-7991 Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94088

Multiple Samsung Galaxy Devices CVE-2016-7990 Integer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94086

mobiGate App CVE-2016-7805 SSL Certificate Validation Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94085

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/93608

Memcached Multiple Integer Overflow Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94083

Multiple Samsung Galaxy Devices CVE-2016-7989 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94082

Samsung Mobile Phones CVE-2016-7988 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94081

Google V8 CVE-2016-5198 Unspecified Security Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94079

Cisco Meeting Server CVE-2016-6448 Buffer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94076

Google Chrome Information Disclosure and Security Bypass Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/94078

Cisco Application Policy Infrastructure Controller CVE-2016-6457 Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94077

Cisco TelePresence Endpoints CVE-2016-6459 Local Command Injection Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94075

Cisco Meeting Server and Meeting App CVE-2016-6447 Buffer Underflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94073

Cisco AsyncOS CVE-2016-6458 Remote Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94074

Cisco IOS XE Software CVE-2016-6441 Buffer Overflow Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94072

Cisco Prime Home CVE-2016-6452 Authentication Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94070

Cisco StarOS for ASR 5500 Series Routers CVE-2016-6455 Remote Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94071

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-04
http://www.securityfocus.com/bid/92630

Django CVE-2016-9013 Hardcoded Password Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94069

Django CVE-2016-9014 Security Bypass Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94068

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/94067

Adobe Acrobat and Reader CVE-2016-6937 Memory Corruption Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93014

Adobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
2016-11-04
http://www.securityfocus.com/bid/93496

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93621

Oracle WebLogic Server CVE-2016-5535 Remote Code Execution Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93692

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/93188

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-11-04
http://www.securityfocus.com/bid/92037

SANS News

Extracting Malware Transmitted Via Telnet

If DDOS Attacks are Natural Disasters, is it Time to Update your DR Plan?

Threatpost

Cisco Patches Critical Bugs in 900 Series Routers, Prime Home Server

GitLab Patches Command Execution Vulnerability

Outlook Web Access Two-Factor Authentication Bypass Exists

DMCA Exemptions Lift Hacking Restrictions

Exploit

BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow

PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow

PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow

PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow

Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow

IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation

IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Privilege Escalation

PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow

Rapid PHP Editor 14.1 - Remote Command Execution

Redaxo 5.2.0 - Cross-Site Request Forgery

nodCMS - Cross-Site Request Forgery

sNews 1.7.1 - Arbitrary File Upload

sNews 1.7.1 - Cross-Site Request Forgery

Axessh 4.2 - Denial Of Service

3.11.2016

Bugtraq

[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02
security-alert hpe com

Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability 2016-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)

[slackware-security] php (SSA:2016-305-04) 2016-11-01
Slackware Security Team (security slackware com)

Malware

Ransom:Win32/DMALocker.A 

Backdoor.Bitral

Phishing

Wells Fargo

2nd November 2016

Your funds transfer to another
customer

Citi Bank

2nd November 2016

Your Citi Bank Account Has
Been Temporarily Suspended

Apple.id@icloud.com

2nd November 2016

WE'VE NOTICED THAT SOME OF
YOUR ACCOUNT INFORMATION
APPEARS TO BE MISSING OR
INCORRECT.

Vulnerebility

Google V8 CVE-2016-5198 Unspecified Security Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94079

Cisco Meeting Server CVE-2016-6448 Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94076

Google Chrome Information Disclosure and Security Bypass Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/94078

Cisco Application Policy Infrastructure Controller CVE-2016-6457 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94077

Cisco TelePresence Endpoints CVE-2016-6459 Local Command Injection Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94075

Cisco Meeting Server and Meeting App CVE-2016-6447 Buffer Underflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94073

Cisco AsyncOS CVE-2016-6458 Remote Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94074

Cisco IOS XE Software CVE-2016-6441 Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94072

Cisco Prime Home CVE-2016-6452 Authentication Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94070

Cisco StarOS for ASR 5500 Series Routers CVE-2016-6455 Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94071

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92630

Django CVE-2016-9013 Hardcoded Password Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94069

Django CVE-2016-9014 Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94068

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94067

Adobe Acrobat and Reader CVE-2016-6937 Memory Corruption Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93014

Adobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/93496

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93621

Oracle WebLogic Server CVE-2016-5535 Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93692

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93188

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92037

Schneider Electric ConneXium CVE-2016-8352 Remote Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94062

IBHsoftec S7-SoftPLC CVE-2016-8364 Remote Heap Based Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94054

Schneider Electric Unity PRO Insecure File Downloading Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93830

Symantec Norton Mobile Security for Android CVE-2016-6587 Local Information Disclosure Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93858

Symantec Norton Mobile Security for Android CVE-2016-6585 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93900

Symantec Norton Mobile Security for Android CVE-2016-6586 Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93901

NTP Multiple Arbitrary File Overwrite Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/77278

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93152

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93150

ABB RobotWare Multiple Security Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/94034

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92630

Django CVE-2016-9013 Hardcoded Password Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94069

Django CVE-2016-9014 Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94068

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94067

Adobe Acrobat and Reader CVE-2016-6937 Memory Corruption Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93014

Adobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/93496

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93621

Oracle WebLogic Server CVE-2016-5535 Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93692

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93188

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92037

Schneider Electric ConneXium CVE-2016-8352 Remote Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94062

IBHsoftec S7-SoftPLC CVE-2016-8364 Remote Heap Based Buffer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94054

Schneider Electric Unity PRO Insecure File Downloading Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93830

Symantec Norton Mobile Security for Android CVE-2016-6587 Local Information Disclosure Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93858

Symantec Norton Mobile Security for Android CVE-2016-6585 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93900

Symantec Norton Mobile Security for Android CVE-2016-6586 Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93901

NTP Multiple Arbitrary File Overwrite Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/77278

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93152

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93150

ABB RobotWare Multiple Security Vulnerabilities
2016-11-03
http://www.securityfocus.com/bid/94034

NTP CVE-2016-1548 Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/88264

NTP CVE-2016-1550 Local Security Bypass Vulnerability
2016-11-03
http://www.securityfocus.com/bid/88261

NTP CVE-2016-1547 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/88276

NTP CVE-2016-2518 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/88226

IBM InfoSphere Information Server CVE-2016-6059 XML External Entity Injection Vulnerability
2016-11-03
http://www.securityfocus.com/bid/94032

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93177

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92628

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-11-03
http://www.securityfocus.com/bid/93171

SANS News

What Does a Pentest Look Like?

Threatpost

Sundown Exploit Kit ‘Larger Threat Than People Realize’

Belkin’s WeMo Gear Can Hack Android Phones

Mitigations Available for PanelShock Vulnerabilities in Schneider Electric Magelis HMIs

Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk

Exploit

Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free

SunellSecurity NVR / Camera - Denial Of Service

Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)

Rapid PHP Editor 14.1 - Remote Command Execution

WinaXe 7.7 'FTP client' - Remote Buffer Overflow

Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass

Memcached 1.4.33 - PoC (3)

Memcached 1.4.33 - PoC (2)

Memcached 1.4.33 - PoC (1)

Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation...

Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass

Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution...

Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow

SweetRice 1.5.1 - Cross-Site Request Forgery

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Alienvault OSSIM/USM 5.3.1 - SQL Injection

Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting

Alienvault OSSIM/USM 5.3.1 - PHP Object Injection

2.11.2016

Bugtraq

Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)

[slackware-security] php (SSA:2016-305-04) 2016-11-01
Slackware Security Team (security slackware com)

[slackware-security] mariadb (SSA:2016-305-03) 2016-11-01
Slackware Security Team (security slackware com)

Malware

Trojan.Viotto

Phishing

Apple.id@icloud.com

2nd November 2016

WE'VE NOTICED THAT SOME OF
YOUR ACCOUNT INFORMATION
APPEARS TO BE MISSING OR
INCORRECT.

Apple

1st November 2016

RE: UPDATE YOUR APPLE ID
ACCOUNT INFORMATION !

Money Gram

1st November 2016

Dear Customer

Vulnerebility

Schneider Electric Unity PRO Insecure File Downloading Remote Code Execution Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93830

Symantec Norton Mobile Security for Android CVE-2016-6587 Local Information Disclosure Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93858

Symantec Norton Mobile Security for Android CVE-2016-6585 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93900

Symantec Norton Mobile Security for Android CVE-2016-6586 Security Bypass Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93901

NTP Multiple Arbitrary File Overwrite Vulnerabilities
2016-11-02
http://www.securityfocus.com/bid/77278

OpenSSL CVE-2016-6307 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93152

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93150

ABB RobotWare Multiple Security Vulnerabilities
2016-11-02
http://www.securityfocus.com/bid/94034

NTP CVE-2016-1548 Security Bypass Vulnerability
2016-11-02
http://www.securityfocus.com/bid/88264

NTP CVE-2016-1550 Local Security Bypass Vulnerability
2016-11-02
http://www.securityfocus.com/bid/88261

NTP CVE-2016-1547 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/88276

NTP CVE-2016-2518 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/88226

IBM InfoSphere Information Server CVE-2016-6059 XML External Entity Injection Vulnerability
2016-11-02
http://www.securityfocus.com/bid/94032

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93177

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92628

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-11-02
http://www.securityfocus.com/bid/91319

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93149

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-11-02
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6308 Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/93151

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-02
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-02
http://www.securityfocus.com/bid/91081

Microsoft Windows Kernel 'NtSetWindowLongPtr()' Function Local Privilege Escalation Vulnerability
2016-11-02
http://www.securityfocus.com/bid/94024

NVIDIA GPU Driver CVE-2016-8807 Local Stack Buffer Overflow Vulnerability
2016-11-02
http://www.securityfocus.com/bid/94002

NVIDIA GPU Display Driver CVE-2016-8805 Local Privilege Escalation Vulnerability
2016-11-02
http://www.securityfocus.com/bid/94001
SANS News

What Does a Pentest Look Like?

Threatpost

Google to Distrust WoSign, StartCom Certs in 2017

Sundown Exploit Kit ‘Larger Threat Than People Realize’

Exploit

MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation

MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race...

1.11.2016

Bugtraq

Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Berend-Jan Wever (berendj nwever nl)

[slackware-security] php (SSA:2016-305-04) 2016-11-01
Slackware Security Team (security slackware com)

[slackware-security] mariadb (SSA:2016-305-03) 2016-11-01
Slackware Security Team (security slackware com)

CfP and Special Session :: CyberSec2017 2016-11-01
Jackie Blanco (jackie sdiwc info)

[slackware-security] x11 (SSA:2016-305-02) 2016-11-01
Slackware Security Team (security slackware com)

OS-S 2016-23 - Local DoS: Linux Kernel EXT4 Error Handling (EXT4 calling panic()) 2016-10-31
Ralf Spenneberg (info os-t de)

[HITB-Announce] HITB2017AMS CFP 2016-10-31
Hafez Kamal (aphesz hackinthebox org)

October 2016 - Crowd - Critical Security Advisory 2016-10-31
David Black (dblack atlassian com)

[SECURITY] [DSA 3691-2] ghostscript regression update 2016-10-28
Salvatore Bonaccorso (carnil debian org)

Malware

Win32/Crytes.AA

VBA/TrojanDownloader.Agent.BVO

Win32/Agent.WJS

Phishing

Money Gram

1st November 2016

Dear Customer

Barclays Wealth

1st November 2016

SECURITY NOTICE

USAA

31st October 2016

Urgent - You Have An E-Payment
Transfer Pending

Support

31st October 2016

[Ticket ID: 777345] urgent
notice for steve-scott

Apple

31st October 2016

Your Apple ID Has Been
Discontinued.

Wells Fargo

31st October 2016

Wells Fargo Bank: You Have 1
Unread Security Message Alert

Vulnerebility

NVIDIA GPU Driver CVE-2016-8807 Local Stack Buffer Overflow Vulnerability
2016-11-01
http://www.securityfocus.com/bid/94002

NVIDIA GPU Display Driver CVE-2016-8805 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/94001

NVIDIA GPU Display Driver CVE-2016-8808 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93999

NVIDIA GPU Display Driver CVE-2016-8810 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93997

NVIDIA GPU Display Driver CVE-2016-8809 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93992

Symantec IT Management Suite CVE-2016-6589 Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93951

NVIDIA GPU Display Driver CVE-2016-8806 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93990

NVIDIA GPU Driver CVE-2016-8812 Local Stack Buffer Overflow Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93986

NVIDIA GPU Display Driver CVE-2016-7390 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93984

NVIDIA GPU Display Driver CVE-2016-7391 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93987

NVIDIA GPU Driver CVE-2016-7387 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93985

NVIDIA GPU Driver CVE-2016-7385 Local Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93981

NVIDIA GPU Driver CVE-2016-8811 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93988

NVIDIA GPU Driver CVE-2016-7386 Local Information Disclosure Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93982

NVIDIA GPU Display Driver CVE-2016-7384 Local Privilege Escalation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93983

OpenJPEG CVE-2016-9113 Null Pointer Dereference Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93980

Multiple Huawei Products CVE-2016-6670 Insecure Random Number Generation Vulnerability
2016-11-01
http://www.securityfocus.com/bid/92438

Citrix NetScaler ADC CVE-2016-9028 Open Redirection Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93947

OpenJPEG 'convert.c' CVE-2016-9115 Remote Heap Based Buffer Overflow Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93977

OpenJPEG 'openjp2/pi.c' Divide-By-Zero Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93978

OpenJPEG CVE-2016-9114 Null Pointer Dereference Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93979

OpenJPEG 'convert.c' CVE-2016-9116 Null Pointer Dereference Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93975

OpenJPEG 'convert.c' Remote Heap Based Buffer Overflow Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93976

OpenJPEG 'convert.c' Null Pointer Dereference Denial of Service Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93783

Microfocus Rumba FTP CVE-2016-5764 Stack Buffer Overflow Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93974

Novell NetIQ Identity Manager CVE-2016-1598 Cross Site Scripting Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93833

Novell NetIQ Identity Manager CVE-2016-1592 HTML Injection Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93973

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-01
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93972

Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-11-01
http://www.securityfocus.com/bid/93967

SANS News

SEC505 DFIR capture script: snapshot.ps1

Threatpost

WhatsApp Blasted by EU Data Protection Group Over Facebook Sharing

ShadowBrokers Dumps Lists of Equation Group Hacked Servers

Nymaim Dropper Updates Delivery, Obfuscation Methods

Exploit

MacOS 10.12 - 'task_t' Privilege Escalation

OS X/iOS Kernel - IOSurface Use-After-Free

Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues

NVIDIA Driver - NvStreamKms Stack Buffer Overflow in...

NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths...

freeFTPd 1.0.8 - 'mkd' Command Denial Of Service

Micro Focus Rumba 9.4 - Local Denial Of Service

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow

NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to...

NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d

NVIDIA Driver - No Bounds Checking in Escape 0x7000194

NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D

NVIDIA Driver - Escape 0x100010b Missing Bounds Check

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027

NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2

NVIDIA Driver - Missing Bounds Check in Escape 0x100009a

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9

PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow

Rumba FTP Client 4.x - Stack buffer overflow (SEH)

S9Y Serendipity 2.0.4 - Cross-Site Scripting

31.10.2016

Bugtraq

October 2016 - Crowd - Critical Security Advisory 2016-10-31
David Black (dblack atlassian com)

[SECURITY] [DSA 3691-2] ghostscript regression update 2016-10-28
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3701-2] nginx regression update 2016-10-28
Salvatore Bonaccorso (carnil debian org)

Malware

BrowserModifier:Win32/Sasquor 
TrojanDropper:MSIL/Vibes.A 
TrojanDropper:Win32/Strumapine.A 
PWS:Win32/Primarypass.A 
Worm:Win32/Fadok.A 
TrojanDownloader:Win32/Javsisxep.A 
TrojanSpy:Win32/Quasdent.A 
TrojanDropper:VBS/Micwix.A 
TrojanDownloader:Win32/Shelpy.A 

Phishing

Apple

31st October 2016

Your Apple ID Has Been
Discontinued.

Wells Fargo

31st October 2016

Wells Fargo Bank: You Have 1
Unread Security Message Alert

USAA

30th October 2016

Your USAA Preference
Verification Required

Vulnerebility

Multiple Huawei Products CVE-2016-6670 Insecure Random Number Generation Vulnerability
2016-10-31
http://www.securityfocus.com/bid/92438

Citrix NetScaler ADC CVE-2016-9028 Open Redirection Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93947

OpenJPEG 'convert.c' CVE-2016-9115 Remote Heap Based Buffer Overflow Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93977

OpenJPEG 'openjp2/pi.c' Divide-By-Zero Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93978

OpenJPEG CVE-2016-9114 Null Pointer Dereference Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93979

OpenJPEG 'convert.c' CVE-2016-9116 Null Pointer Dereference Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93975

OpenJPEG 'convert.c' Remote Heap Based Buffer Overflow Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93976

OpenJPEG 'convert.c' Null Pointer Dereference Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93783

Microfocus Rumba FTP CVE-2016-5764 Stack Buffer Overflow Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93974

Novell NetIQ Identity Manager CVE-2016-1598 Cross Site Scripting Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93833

Novell NetIQ Identity Manager CVE-2016-1592 HTML Injection Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93973

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-31
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93972

Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93967

Moodle CVE-2016-7919 Information Disclosure Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93971

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-31
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-10-31
http://www.securityfocus.com/bid/91319

SAP Hybris Management Console CVE-2016-6858 HTML Injection Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93966

Joomla! Core CVE-2016-9081 Security Bypass Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93969

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Escalation Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93958

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93964

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93914

HP System Management Homepage Multiple Security Vulnerabilities
2016-10-31
http://www.securityfocus.com/bid/93961

SAP Hybris Management Console CVE-2016-6857 HTML Injection Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93960

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-10-31
http://www.securityfocus.com/bid/93965

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-10-31
http://www.securityfocus.com/bid/91821

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-10-31
http://www.securityfocus.com/bid/91816

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-10-31
http://www.securityfocus.com/bid/89744

SANS News

Volatility Bot: Automated Memory Analysis

Threatpost

 

Exploit

S9Y Serendipity 2.0.4 - Cross-Site Scripting

Micro Focus Rumba 9.4 - Local Denial of Service

freeFTPd 1.0.8 - 'mkd' Command Denial Of Service

30.10.2016

Bugtraq

[SECURITY] [DSA 3701-2] nginx regression update 2016-10-28
Salvatore Bonaccorso (carnil debian org)

APPLE-SA-2016-10-27-3 iTunes 12.5.2 for Windows 2016-10-27
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information 2016-10-27
security-alert hpe com

[security bulletin] HPSBHF3549 ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege 2016-10-27
HP Security Alert (hp-security-alert hp com)

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
Dawid Golunski (dawid legalhackers com)

Malware

Backdoor:Win32/Crugup.B 
Worm:Win32/Dorkbot!ac 
Worm:Win32/Dorkbot.BA!bit 
Ransom:Win32/Stampado.A 
Ransom:Win32/Bartcrypt.A 
BrowserModifier:Win32/Heazycrome 

Trojan.Dunihidrop

Backdoor.Korplug.D

Phishing

omg ex gf

29th October 2016

Watch ex girlfriends videos

USAA

28th October 2016

Account Locked - Your USAA
Preference Verification
Required

CUSTOMER CARE

28th October 2016

About your microsoft devoloper
account !

Vulnerebility

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-30
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93972

Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93967

Moodle CVE-2016-7919 Information Disclosure Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93971

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-30
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-10-30
http://www.securityfocus.com/bid/91319

SAP Hybris Management Console CVE-2016-6858 HTML Injection Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93966

Joomla! Core CVE-2016-9081 Security Bypass Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93969

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Escalation Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93958

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93964

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93914

HP System Management Homepage Multiple Security Vulnerabilities
2016-10-30
http://www.securityfocus.com/bid/93961

SAP Hybris Management Console CVE-2016-6857 HTML Injection Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93960

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93965

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-10-30
http://www.securityfocus.com/bid/91821

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-10-30
http://www.securityfocus.com/bid/91816

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-10-30
http://www.securityfocus.com/bid/89744

PHP 'snmp.c' Remote Format String Vulnerability
2016-10-30
http://www.securityfocus.com/bid/85800

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-10-30
http://www.securityfocus.com/bid/91818

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93956

SAP Hybris CVE-2016-6859 Information Disclosure Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93959

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93962

SAP Hybris Management Console CVE-2016-6856 Cross Site Scripting Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93954

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/93957

PHP 'php_raw_url_encode()' Function Integer Overflow Vulnerability
2016-10-30
http://www.securityfocus.com/bid/85801

PHP 'ext/phar/phar_object.c' Heap Buffer Overflow Vulnerability
2016-10-30
http://www.securityfocus.com/bid/89154

PHP CVE-2016-4539 Remote Denial Of Service Vulnerability
2016-10-30
http://www.securityfocus.com/bid/90174

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities
2016-10-30
http://www.securityfocus.com/bid/90173

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-29
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93972

Wordpress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93967

Moodle CVE-2016-7919 Information Disclosure Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93971

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-29
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-10-29
http://www.securityfocus.com/bid/91319

SAP Hybris Management Console CVE-2016-6858 HTML Injection Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93966

Joomla! Core CVE-2016-9081 Security Bypass Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93969

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Escalation Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93958

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93964

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93914

HP System Management Homepage Multiple Security Vulnerabilities
2016-10-29
http://www.securityfocus.com/bid/93961

SAP Hybris Management Console CVE-2016-6857 HTML Injection Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93960

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93965

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-10-29
http://www.securityfocus.com/bid/91821

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-10-29
http://www.securityfocus.com/bid/91816

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-10-29
http://www.securityfocus.com/bid/89744

PHP 'snmp.c' Remote Format String Vulnerability
2016-10-29
http://www.securityfocus.com/bid/85800

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-10-29
http://www.securityfocus.com/bid/91818

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93956

SAP Hybris CVE-2016-6859 Information Disclosure Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93959

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93962

SAP Hybris Management Console CVE-2016-6856 Cross Site Scripting Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93954

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/93957

PHP 'php_raw_url_encode()' Function Integer Overflow Vulnerability
2016-10-29
http://www.securityfocus.com/bid/85801

PHP 'ext/phar/phar_object.c' Heap Buffer Overflow Vulnerability
2016-10-29
http://www.securityfocus.com/bid/89154

PHP CVE-2016-4539 Remote Denial Of Service Vulnerability
2016-10-29
http://www.securityfocus.com/bid/90174

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities
2016-10-29
http://www.securityfocus.com/bid/90173

SANS News

Windows "Atom Bombing" Attack

Threatpost

Mirai Vulnerability Disclosed, But Exploits May Constitute Hacking Back

Google to Make Certificate Transparency Mandatory By 2017

Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own


Dyn DDoS Could Have Topped 1 Tbps

Cisco Patches Critical Vulnerability in Facility Events Response System

Apple Patches iTunes, iCloud for Windows, Xcode Server

Exploit

CherryTree 0.36.9 - Memory Corruption (PoC)

InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials

InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery

InfraPower PPS-02-S Q213V1 - Multiple XSS

InfraPower PPS-02-S Q213V1 - Authentication Bypass

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference

InfraPower PPS-02-S Q213V1 - Local File Disclosure

27.10.2016

Bugtraq

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
Dawid Golunski (dawid legalhackers com)

[SECURITY] [DSA 3700-1] asterisk security update 2016-10-25
Moritz Muehlenhoff (jmm debian org)

Malware

BrowserModifier:Win32/Heazycrome 

Backdoor.Apimas

Trojan.Dunihi

W32.Dunihi

Phishing

 

Vulnerebility

Iceni Argus 'ipNameAdd()' Function Remote Stack Buffer Overflow Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93936

GNU Tar CVE-2016-6321 Security Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93937

Huawei Mate 8 CVE-2016-8756 Local Denial of Service Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93935

Cisco ACE CVE-2016-6399 Denial of Service Vulnerability
2016-10-27
http://www.securityfocus.com/bid/92867

HP Business Service Management CVE-2016-4392 Cross Site Scripting Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93933

Linux Kernel Vfio Driver CVE-2016-9084 Integer Overflow Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93930

Drupal Tripal BLAST UI Module Remote Code Execution Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93934

Cairo 'cairo-png.c' Integer Overflow Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93931

Linux Kernel CVE-2016-9083 Local Integer Overflow Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93929

Libwebp 'gif2webp.c' Multiple Integer Overflow Vulnerabilities
2016-10-27
http://www.securityfocus.com/bid/93928

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93793

Huawei Smart Phone CVE-2016-8757 Local Information Disclosure Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93932

Yandex Browser CVE-2016-8506 Cross Site Scripting Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93927

Linux Kernel CVE-2015-8950 Information Disclosure Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93318

Candlepin 'subscription-manager' CVE-2016-4455 Insecure File Permissions Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93926

Yandex Browser CVE-2016-8505 Cross Site Scripting Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93925

Yandex Browser CVE-2016-8504 Cross Site Request Forgery Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93924

Yandex Browser CVE-2016-8502 Brute Force Authentication Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93923

Yandex Browser CVE-2016-8503 Brute Force Authentication Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93921

Yandex Browser CVE-2016-8501 Man in the Middle Security Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93920

Cisco Prime Collaboration Provisioning CVE-2016-6451 Multiple Cross Site Scripting Vulnerabilities
2016-10-27
http://www.securityfocus.com/bid/93917

Cisco IP Interoperability and Collaboration System Local Privilege Escalation Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93919

Cisco IP Interoperability and Collaboration System CVE-2016-6429 Cross Site Scripting Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93915

Cisco Hosted Collaboration Mediation Fulfillment Cross Site Request Forgery Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93916

Cisco IP Interoperability and Collaboration System CVE-2016-6397 Authentication Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93913

Multiple Cisco Products CVE-2016-6439 Denial of Service Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93787

Multiple Cisco Products CVE-2016-6360 Denial of Service Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93910

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93914

Cisco AsyncOS CVE-2016-6357 Remote Security Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93909

Cisco AsyncOS for Email and Web Security Appliances Remote Security Bypass Vulnerability
2016-10-27
http://www.securityfocus.com/bid/93911

SANS News

Your Bill Is Not Overdue today!

Threatpost

Remote Code Execution Vulnerabilities Plague LibTIFF Library

Joomla Update Fixes Two Critical Issues, 2FA Error

Windows Atom Tables Can Be Abused for Code Injection Attacks

Exploit

Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure

Boonex Dolphin 7.3.2 - Authentication Bypass

Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation

GNU GTypist 2.9.5-2 - Local Buffer Overflow

uSQLite 1.0.0 - Denial Of Service

26.10.2016

Bugtraq

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
Dawid Golunski (dawid legalhackers com)

[SECURITY] [DSA 3700-1] asterisk security update 2016-10-25
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3701-1] nginx security update 2016-10-25
Florian Weimer (fw deneb enyo de)

Malware

Trojan.Kitkiot

Backdoor:Win32/Plugx.X 
Backdoor:Win32/Plugx.X!lnk 

Phishing

PayPal

26th October 2016

We noticed unusual activity in
your PayPal account

Limited Time Offer

26th October 2016

Get $50 Amazon Gift Card !!
Halloween Offer !!

Bank of

26th October 2016

Bank of America Alert: Account
locked due to unusual
activity.

Dr. William s Watts

25th October 2016

YOUR FUND TRANSFERRED VIA
WESTERN UNION

Vulnerebility

DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/92118

perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93337

DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/92149

Xen CVE-2016-7092 Local Privilege Escalation Vulnerability
2016-10-26
http://www.securityfocus.com/bid/92862

QEMU CVE-2016-4439 Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/90760

Xen CVE-2016-4480 Security Bypass Vulnerability
2016-10-26
http://www.securityfocus.com/bid/90710

QEMU '/hw/net/mipsnet.c' Remote Buffer Overflow Vulnerability
2016-10-26
http://www.securityfocus.com/bid/85992

Xen CVE-2016-6258 Privilege Escalation Vulnerability
2016-10-26
http://www.securityfocus.com/bid/92131

Xen CVE-2016-7094 Local Denial of Service Vulnerability
2016-10-26
http://www.securityfocus.com/bid/92864

QEMU 'get_cmd()' Function Denial of Service Vulnerability
2016-10-26
http://www.securityfocus.com/bid/90995

QEMU 'hw/scsi/esp.c' Multiple Remote Code Execution Vulnerabilities
2016-10-26
http://www.securityfocus.com/bid/91079

Xen CVE-2016-3960 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-10-26
http://www.securityfocus.com/bid/86318

QEMU CVE-2016-4441 Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/90762

QEMU CVE-2016-3710 Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/90316

Xen CVE-2016-3159 Information Disclosure Vulnerability
2016-10-26
http://www.securityfocus.com/bid/85716

QEMU 'stellaris_enet_receive()' Function Remote Buffer Overflow Vulnerability
2016-10-26
http://www.securityfocus.com/bid/85976

Xen CVE-2016-3158 Information Disclosure Vulnerability
2016-10-26
http://www.securityfocus.com/bid/85714

QEMU 'vga.c' Information Disclosure Vulnerability
2016-10-26
http://www.securityfocus.com/bid/69654

Quagga Routing Software Suite CVE-2016-4049 Denial Of Service Vulnerability
2016-10-26
http://www.securityfocus.com/bid/88561

OpenSUSE and SUSE Linux Enterprise Server CVE-2016-4036 Local Information Disclosure Vulnerability
2016-10-26
http://www.securityfocus.com/bid/87324

Linux Kernel CVE-2016-7039 Stack Overflow Denial of Service Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93476

HP ThinPro CVE-2016-2246 Local Privilege Escalation Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93904

Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93903

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-26
http://www.securityfocus.com/bid/91081

LibTIFF CVE-2016-5652 Heap Buffer Overflow Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93902

libTIFF CVE-2016-8331 Type Confusion Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93898

LibTIFF 'libtiff/tif_pixarlog.c' Heap Buffer Overflow Vulnerability
2016-10-26
http://www.securityfocus.com/bid/91500

Firejail CVE-2016-9016 Remote Privilege Escalation Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93899

Adobe Flash Player CVE-2016-7855 Use After Free Remote Code Execution Vulnerability
2016-10-26
http://www.securityfocus.com/bid/93861

Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
2016-10-26
http://www.securityfocus.com/bid/72809

SANS News

Critical Flash Player Update APSB16-36

Threatpost

Apple Patches iOS Flaw Exploitable by Malicious JPEG

Following Lull, New Campaigns Pushing Retooled ‘Pumpkin’ Locky

Lawmakers Asking What ISPs Can Do About DDoS Attacks

Adobe Patches Flash Zero Day Under Attack

Remote Code Execution Vulnerabilities Plague LibTIFF Library

Exploit

Network Scanner 4.0.0 - SEH Local Buffer Overflow

Komfy Switch with Camera DKZ-201S/W - Wifi Password Disclosure

Boonex Dolphin 7.3.2 - Authentication Bypass

SmallFTPd 1.0.3 - 'mkd' Command Denial of Service

25.10.2016

Bugtraq

CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path 2016-10-25
Dennis E. Hamilton (orcmid apache org)

wincvs-2.0.2.4 Privilege Escalation 2016-10-25
apparitionsec gmail com

APPLE-SA-2016-10-24-3 Safari 10.0.1 2016-10-24
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3698-1] php5 security update 2016-10-24
Salvatore Bonaccorso (carnil debian org)

Puppet Enterprise Web Interface Authentication Redirect 2016-10-22
hyp3rlinx lycos com

Malware

Ransom:Win32/Cerber 

Infostealer.Zum

Backdoor:Win32/Plugx.X!lnk 
Backdoor:Win32/Plugx.X 

Backdoor:Win32/Plugx.X!lnk 

Phishing

Nationwide Building Society

24th October 2016

YOUR ONLINE BANKING ACCESS WAS
DENIED

USAA

23rd October 2016

Account Locked - Urgent
Verification Required

Vulnerebility

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93793

AlienVault USM/OSSIM CVE-2016-8583 Multiple Cross Site Scripting Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93863

Multiple AlienVault Products 'widgets/data/gauge.php' SQL Injection Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93866

Alienvault OSSIM/USM CVE-2016-8581 HTML Injection Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93862

libwmf CVE-2016-9011 Memory Corruption Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93860

Foreman CVE-2016-8613 HTML Injection Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93859

WebKit CVE-2016-4677 Multiple Unspecified Memory Corruption Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93853

Apple iOS/tvOS/WatchOS Multiple Information Disclosure Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93854

Apple iOS/tvOS/macOS CVE-2016-7579 Information Disclosure Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93856

Apple macOS Prior to 10.12.1 Multiple Security Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93852

Puppet Enterprise User Enumeration Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93847

Apple macOS/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93849

WebKit Multiple Security Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93851

Apple Mac OS X and iOS CVE-2016-4635 Security Bypass Vulnerability
2016-10-25
http://www.securityfocus.com/bid/91829

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/92037

ISC BIND CVE-2016-6170 Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/91611

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93188

ISC BIND CVE-2016-2088 Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/84290

ISC BIND CVE-2015-8704 Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/81329

ISC BIND CVE-2015-8705 Remote Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/81314

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93842

Apple iOS CVE-2016-4686 Security Bypass Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93848

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93844

Puppet Enterprise CVE-2016-5715 Incomplete Fix Open Redirection Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93846

Puppet Enterprise CVE-2015-6501 Open Redirection Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93845

Ubuntu tracker-extract Package Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93843

Microsoft Windows NDISTAPI CVE-2011-1974 Local Privilege Escalation Vulnerability
2016-10-25
http://www.securityfocus.com/bid/48996

KMail Multiple Security Vulnerabilities
2016-10-25
http://www.securityfocus.com/bid/93360

OpenSSL CVE-2016-8610 Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93841

JasPer CVE-2016-8886 Denial of Service Vulnerability
2016-10-25
http://www.securityfocus.com/bid/93839

SANS News

A few Mirai Updates: MIPS, PPC version; a bit less scanning

Another Day, Another Spam...

Threatpost

Rowhammer Vulnerability Comes to Android

Fake Microsoft Installer Leads to Malware, Support Call Scam

Chinese Manufacturer Recalls IOT Gear Following Dyn DDoS

St. Jude Faces New Claim Heart Implants are Hackable

Find Your Keys, Lose Your Privacy

Election Leaks Failed to Move Needle on Polls

Following Lull, New Campaigns Pushing Retooled ‘Pumpkin’ Locky

Dyn DDoS Work of Script Kiddies, Not Politically Motivated Hackers

Exploit

Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery

EC-CUBE 2.12.6 - Server-Side Request Forgery

Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration...

Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)

24.10.2016

Bugtraq

[SECURITY] [DSA 3698-1] php5 security update 2016-10-24
Salvatore Bonaccorso (carnil debian org)

Puppet Enterprise Web Interface Authentication Redirect 2016-10-22
hyp3rlinx lycos com

Puppet Enterprise Web Interface User Enumeration 2016-10-21
apparitionsec gmail com

Malware

Ransom.SHCLocker

Phishing

USAA

23rd October 2016

Account Locked - Urgent
Verification Required

Community Resource Credit Unio

23rd October 2016

Locked account

Barclays

22nd October 2016

Barclays (8)

Vulnerebility

Joomla! Core 'com_joomlaupdate' Cross Site Request Forgery Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93840

IBM Security Guardium CVE-2016-0240 Man in the Middle Information Disclosure Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93836

JasPer Incomplete Fix Multiple Null Pointer Dereference Denial of Service Vulnerabilities
2016-10-24
http://www.securityfocus.com/bid/93834

Atlassian Crowd CVE-2016-6496 LDAP Injection Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93826

Apache Struts CVE-2016-4438 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91275

Apache Struts CVE-2016-3082 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/88826

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91068

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91067

Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
2016-10-24
http://www.securityfocus.com/bid/85070

Apache Struts CVE-2016-4436 Security Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91280

Apache Struts CVE-2016-3093 Denial of Service Vulnerability
2016-10-24
http://www.securityfocus.com/bid/90961

Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
2016-10-24
http://www.securityfocus.com/bid/86311

Apache Struts CVE-2016-4431 Security Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91284

Apache Struts CVE-2016-4433 Security Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91282

Apache Struts CVE-2016-4465 Denial of Service Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91278

Apache Struts CVE-2016-4430 Cross-Site Request Forgery Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91281

Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/90960

Apache Struts CVE-2016-3081 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/87327

Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/85066

IBM Security Guardium Database Activity Monitor CVE-2016-0241 Local Security Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93828

Schneider Electric Unity PRO Insecure File Downloading Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93830

IBM Cognos Disclosure Management CVE-2016-6077 Local Command Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93829

IBM Security Guardium Database Activity Monitor CVE-2016-0239 Authorization Bypass Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93827

Multiple Panda Security Multiple Products DLL Loading Local Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/91465

Cisco WebEx Meetings Player CVE-2016-1464 Remote Code Execution Vulnerability
2016-10-24
http://www.securityfocus.com/bid/92708

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93793

IBM Security Guardium CVE-2016-0242 Information Disclosure Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93825

IBM Rational Quality Manager CVE-2016-0326 Remote Command Injection Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93824

IBM Security Guardium Database Activity Monitor CVE-2016-0236 Remote Command Injection Vulnerability
2016-10-24
http://www.securityfocus.com/bid/93823

Joomla! Huge-IT Slideshow Extension Multiple Security Vulnerabilities
2016-10-24
http://www.securityfocus.com/bid/93822

SANS News

ISC Briefing: Large DDoS Attack Against Dyn

Threatpost

 

Exploit

Zenbership 107 - Multiple Vulnerabilities

Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery

Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)

23.10.2016

Bugtraq

Puppet Enterprise Web Interface Authentication Redirect 2016-10-22
hyp3rlinx lycos com

Puppet Enterprise Web Interface User Enumeration 2016-10-21
apparitionsec gmail com

Puppet Enterprise Web Interface Authentication Redirect 2016-10-21
apparitionsec gmail com

Oracle Netbeans IDE v8.1 Import Directory Traversal 2016-10-21
apparitionsec gmail com

Malware

SupportScam:MSIL/Hicurdismos.A 

Trojan.Sarvdap

Phishing

USAA

21st October 2016

Account Locked - Urgent Action
Required

HSBC Bank

21st October 2016

Please check your account !

service@intl.paypal

21st October 2016

YOU HAVE A PROBLEM WITH YOUR
PAYPAL ACCOUNT

Vulnerebility

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93793

IBM Security Guardium Database Activity Monitor CVE-2016-0236 Remote Command Injection Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93823

Joomla! Huge-IT Slideshow Extension Multiple Security Vulnerabilities
2016-10-23
http://www.securityfocus.com/bid/93822

Adobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
2016-10-23
http://www.securityfocus.com/bid/93496

Joomla! Huge-IT Portfolio Gallery Manager Multiple Security Vulnerabilities
2016-10-23
http://www.securityfocus.com/bid/93821

RETIRED: ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93809

WordPress hero-maps-pro Plugin 'index.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93815

WordPress hdw-tube Plugin 'mychannel.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93820

WordPress infusionsoft Plugin CVE-2016-1000139 Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93819

WordPress heat-trackr Plugin 'heat-trackr_abtest_add.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93818

WordPress New-year-firework Plugin CVE-2016-1000140 Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93817

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93814

WordPress indexisto Plugin 'indexisto-inject.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93816

McAfee Host Intrusion Prevention Services CVE-2016-8007 Local Authentication Bypass Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93813

Mozilla Firefox CVE-2016-5288 Information Disclosure Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93810

Mozilla Firefox CVE-2016-5287 Denial of Service Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93811

Mozilla Firefox Multiple Security Vulnerabilities
2016-10-23
http://www.securityfocus.com/bid/92260

Mozilla Firefox Multiple Security Vulnerabilities
2016-10-23
http://www.securityfocus.com/bid/93049

Nuuo NT-4040 Titan CVE-2016-6553 Insecure Default Password Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93807

Intellian Satellite TV t-Series and v-Series CVE-2016-6551 Insecure Default Password Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93808

Green Packet DX-350 CVE-2016-6552 Insecure Default Password Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93806

Multiple Synology DiskStation Products CVE-2016-6554 Insecure Default Password Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93805

WordPress PhotoXhibit Plugin 'pages/build.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93803

WordPress page-layout-builder Plugin CVE-2016-1000141 Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93804

WordPress parsi-font Plugin 'css.php' Cross Site Scripting Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93802

Hopper Dissassembler CVE-2016-8390 Remote Code Execution Vulnerability
2016-10-23
http://www.securityfocus.com/bid/93801

Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2016-10-23
http://www.securityfocus.com/bid/75837

Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2016-10-23
http://www.securityfocus.com/bid/75849

Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
2016-10-23
http://www.securityfocus.com/bid/75844

Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
2016-10-23
http://www.securityfocus.com/bid/75830

SANS News

Request for Packets TCP 4786 - CVE-2016-6385

Threatpost

Serious Dirty Cow Linux Vulnerability Under Attack

Mozilla Turning TLS 1.3 On By Default With Firefox 52

Exploit

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution...

Just Dial Clone Script - SQL Injection

FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation

Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege...

RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)

Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)

21.10.2016

Bugtraq

ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2016-10-20
EMC Product Security Response Center (Security_Alert emc com)

Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update 2016-10-20
Stefan Kanthak (stefan kanthak nexgo de)

Malware

Trojan.Sarvdap

Phishing

service@intl.paypal

21st October 2016

YOU HAVE A PROBLEM WITH YOUR
PAYPAL ACCOUNT

PayPal

21st October 2016

UPDATE ACCOUNT INFORMATION

Stripe

21st October 2016

confirmation of stripe account

Apple Support

21st October 2016

Important Update Required In
Your Account

Eve

21st October 2016

Invalid login attempts on your
Account

PayPal

21st October 2016

Your card has been removed
from your PayPal account

USAA

21st October 2016

NEW USAA ONLINE MESSAGE

Apple

21st October 2016

APPLE ACCOUNT UPDATE

Customer service

21st October 2016

New Message from PayPal Member

Outlook Team

21st October 2016

ID: 133 - Email Security
Alert! (June 2016)�

HSBC

21st October 2016

Suspended Notice

Amazon

21st October 2016

BE AN AMAZONS NEW SMARTPHONE
TESTER

BARCLAYS PLC

21st October 2016

Access Suspended Notification

 

MR. CHRIS JOSEPH

21st October 2016

ATTENTION DEAR BENEFICIARY
OWNER OF THIS ATM VISA
CARD!!!.

WELLSFARGO

21st October 2016

Your Account Untrusted
Authorization

Apple © - iTunes Store

21st October 2016

New order

Amazon

21st October 2016

TEST AND KEEP THE AMAZONS NEW
SMARTPHONE

Apple

21st October 2016

Your Apple ID has been
temporarily suspended

Tesco Bank

21st October 2016

TESCO BANK ALERTS: URGENT
VERIFICATION REQUIRED

Chase

21st October 2016

UPDATE YOUR ACCOUNT NOW

hans

21st October 2016

NEW PRODUCTS NEED YOUR REVIEW
IN UK AMAZON(KOMMII�
(TO L H)

Amazon.co.uk

21st October 2016

Verify Your Account.

Service-Amazon

21st October 2016

Account Alert

Paypal Service

21st October 2016

YOUR ACCOUNT HAS BEEN LIMITED
!

Vulnerebility

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2016-10-21
http://www.securityfocus.com/bid/66356

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2016-10-21
http://www.securityfocus.com/bid/78626

Linux Kernel Multiple Remote Denial of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/75510

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2016-10-21
http://www.securityfocus.com/bid/63737

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2016-10-21
http://www.securityfocus.com/bid/65335

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/78623

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2016-10-21
http://www.securityfocus.com/bid/70116

Network Security Services Uninitialized Data Read Security Vulnerability
2016-10-21
http://www.securityfocus.com/bid/62966

Motorola Multiple Devices For Android Local Privilege Escalation Vulnerability
2016-10-21
http://www.securityfocus.com/bid/59264

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2016-10-21
http://www.securityfocus.com/bid/63738

ISC DHCP Multiple Denial of Service Vulnerabilities
2016-10-21
http://www.securityfocus.com/bid/54665

Xen CVE-2015-2151 Memory Corruption Vulnerability
2016-10-21
http://www.securityfocus.com/bid/73015

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2016-10-21
http://www.securityfocus.com/bid/67975

WordPress wpsolr-search-engine Plugin 'template-my-accounts.php' Cross Site Scripting Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93536

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2016-10-21
http://www.securityfocus.com/bid/63736

ISC DHCP Multiple Denial of Service Vulnerabilities
2016-10-21
http://www.securityfocus.com/bid/49120

ISC DHCP 'dhclient' Shell Characters in Response Remote Code Execution Vulnerability
2016-10-21
http://www.securityfocus.com/bid/47176

Google Chrome Prior to 54.0.2840.59 Multiple Security Vulnerabilities
2016-10-21
http://www.securityfocus.com/bid/93528

Juniper Junos CVE-2016-4922 Multiple Local Privilege Escalation Vulnerabilities
2016-10-21
http://www.securityfocus.com/bid/93534

Juniper JunosE CVE-2016-4925 Denial of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93533

Juniper Junos J-Web CVE-2016-4923 Cross Site Scripting Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93529

Juniper vMX CVE-2016-4924 Local Security Bypass Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93531

Juniper Junos CVE-2016-4921 Denial of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93532

Multiple Huawei Smart Phones Drivers Stack Buffer Overflow and Heap Buffer Overflow Vulnerabilities
2016-10-21
http://www.securityfocus.com/bid/93530

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/73407

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/91453

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
2016-10-21
http://www.securityfocus.com/bid/53487

Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
2016-10-21
http://www.securityfocus.com/bid/71549

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2016-10-21
http://www.securityfocus.com/bid/69647

Cisco IOS XE Software CVE-2016-6438 Remote Security Bypass Vulnerability
2016-10-21
http://www.securityfocus.com/bid/93518

SANS News

Dyn.com DDoS Attack

How Stolen iOS Devices Are Unlocked

Threatpost

Yahoo Asks DNI to De-Classify Email Scanning Order

Locky Ransomware Learns New Evasive Tricks

iCloud Phishing Campaign Zycode Back From the Dead
 

Dyn Confirms DDoS Attack Affecting Twitter, Github, Many Others

Exploit

Linux Kernel 2.6.22 < 3.9 (x86/x46) - 'Dirty COW' Race Condition Privilege...

MiCasa VeraLite - Remote Code Execution

Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)

OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)

Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML...

Microsoft Edge - Array.map Heap Overflow (MS16-119)

Microsoft Edge - Array.join Info Leak (MS16-119)

SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service

SAP Adaptive Server Enterprise 16 - Denial of Service

Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds...

Windows win32k.sys - TTF Processing win32k!sbit_Embolden /...

Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in...

Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation...

Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege...

Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation...

20.10.2016

Bugtraq

ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2016-10-20
EMC Product Security Response Center (Security_Alert emc com)

Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update 2016-10-20
Stefan Kanthak (stefan kanthak nexgo de)

[CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability 2016-10-20
dirtycow dirtcow ninja

Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory 2016-10-20
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution 2016-10-19
security-alert hpe com

Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability 2016-10-19
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3695-1] quagga security update 2016-10-18
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 3694-1] tor security update 2016-10-18
Moritz Muehlenhoff (jmm debian org)

Malware

Trojan.Sabresac

Phishing

service@paypal.co.uk

20th October 2016

Reminder: Your account has
been Iimited-Update required.

Barclays Bank PLC

20th October 2016

You have new available
documents available in
Barclays Cloud It

Apple

20th October 2016

Your Apple Order

PayPal.Inc

20th October 2016

Yout Paypal Accounts Has Been
Limited

Apple

20th October 2016

IMPORTANT: APPLE PREVIEWS
MAJOR UPDATE

Service client

20th October 2016

Account Notification

Barclays

20th October 2016

Access to online banking has
been blocked

PayPal.inc

20th October 2016

FWD: [ PAYPAL ] : ACCOUNT
NOTICE !

Mr.Adebayo Adelabu

20th October 2016

Kindly get back to me urgently

Vulnerebility

OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93776

Multiple Cisco Products CVE-2016-6439 Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93787

Node.js CVE-2016-7099 Security Bypass Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93191

Node.js CVE-2016-5325 CRLF Injection Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93483

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-10-20
http://www.securityfocus.com/bid/92984

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/92630

EMC Avamar Data Store and Avamar Virtual Edition Local Privilege Escalation Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93788

OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/75158

PCRE CVE-2016-1283 Heap Buffer Overflow Vulnerability
2016-10-20
http://www.securityfocus.com/bid/79825

Cisco Adaptive Security Appliance (ASA) Software CVE-2016-6431 Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93786

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2016-10-20
http://www.securityfocus.com/bid/67121

Cisco Meeting Server CVE-2016-6444 Cross Site Request Forgery Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93785

Cisco Adaptive Security Appliance Products CVE-2016-6432 Buffer Overflow Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93784

libarchive Multiple Security Vulnerabilities
2016-10-20
http://www.securityfocus.com/bid/93781

Potrace Multiple Security Vulnerabilities
2016-10-20
http://www.securityfocus.com/bid/93778

Cisco Meeting Server CVE-2016-6446 Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93782

Cisco IOS and IOS XE Software CVE-2015-6289 Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/91322

GraphicsMagick 'memory.c' Memory Corruption Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93779

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93013

IBM TRIRIGA Application Platform CVE-2016-5980 Unspecified Cross Site Scripting Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93780

Potrace CVE-2016-8686 Memory Corruption Vulnerability
2016-10-20
http://www.securityfocus.com/bid/93777

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/91453

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2016-10-20
http://www.securityfocus.com/bid/87940

Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
2016-10-20
http://www.securityfocus.com/bid/83326

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/89746

Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability
2016-10-20
http://www.securityfocus.com/bid/83330

Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability
2016-10-20
http://www.securityfocus.com/bid/83324

SANS News

Malspam delivers NanoCore RAT

Threatpost

Adult FriendFinder Vulnerability Leaves Millions Exposed

Oracle Fixes 253 Vulnerabilities in Last CPU of 2016

Skyping and Typing the Latest Threat to Privacy

Mobile Applications Leak Device, Location Data

Bypassing ASLR in 60 Milliseconds

Exploit

Oracle Netbeans IDE v8.1 - Import Directory Traversal

Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path...

XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege...

PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation

Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted...

Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path...

Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation

Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation

Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege...

Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege...

IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation

19.10.2016

Bugtraq

[SECURITY] [DSA 3695-1] quagga security update 2016-10-18
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 3694-1] tor security update 2016-10-18
Moritz Muehlenhoff (jmm debian org)

[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17
ERPScan inc (erpscan online gmail com)

[SECURITY] [DSA 3693-1] libgd2 security update 2016-10-14
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

Google

19th October 2016

Suspected Login

AOL

19th October 2016

Account Alert

Support

19th October 2016

Account Limited

❤BraziliaW0men_Team❤

19th October 2016

JOEY ✉HERE YOU CAN FIND THE
MOST BEAUTIFUL SINGLES FROM
BRAZIL

Wells Fargo Online

19th October 2016

**IMPORTANT NOTICE**
VERIFICATION REQUIRED.

Barclays Bank

19th October 2016

1 NEW MESSAGE

Groupon

18th October 2016

YOU FORGOT TO ACTIVATE YOUR
GIFT CARD

Bank of America

18th October 2016

Account Activity

Vulnerebility

Libav 'get_vlc2()' Function NULL Pointer Dereference Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93468

Potrace 'decompose.c' Memory Corruption Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93470

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93150

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-19
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-10-19
http://www.securityfocus.com/bid/92987

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-10-19
http://www.securityfocus.com/bid/91812

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-10-19
http://www.securityfocus.com/bid/91704

MuPDF 'pdf-object.c' Use After Free Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93127

Evernote for Windows DLL Loading Remote Code Execution Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93572

Linux Kernel 'lib/asn1_decoder.c' Local Memory Corruption Vulnerability
2016-10-19
http://www.securityfocus.com/bid/90626

Quagga CVE-2016-1245 Buffer Overflow Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93775

Apache Struts CVE-2016-6795 Directory Traversal Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93773

OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2016-10-19
http://www.securityfocus.com/bid/75525

OpenSSL CVE-2016-6305 Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93149

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2016-10-19
http://www.securityfocus.com/bid/58796

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93171

Oracle Fusion Middleware CVE-2016-5531 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93730

Oracle Siebel CVE-2016-5534 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93757

Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/74073

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-19
http://www.securityfocus.com/bid/91081

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2016-10-19
http://www.securityfocus.com/bid/65768

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/92628

Oracle Fusion Middleware CVE-2016-3505 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93708

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-10-19
http://www.securityfocus.com/bid/92557

Oracle Fusion Middleware CVE-2016-8281 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93771

Oracle Fusion Middleware CVE-2016-5536 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93772

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-10-19
http://www.securityfocus.com/bid/91067

Oracle Fusion Middleware CVE-2016-5535 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93692

Oracle Fusion Middleware CVE-2016-5500 Remote Security Vulnerability
2016-10-19
http://www.securityfocus.com/bid/93680

SANS News

Spam Delivered via .ICS Files

Threatpost

VeraCrypt Patches Critical Vulnerabilities Uncovered in Audit

Attackers Hiding Stolen Credit Card Numbers in Images

Mirai Bots More Than Double Since Source Code Release

Exploit

Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)

Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)

Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege...

Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)

LanSpy 2.0.0.155 - Local Buffer Overflow

Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page)

ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure

Cgiemail 1.6 - Source Code Disclosure

The Unarchiver 3.11.1 - '.tar.Z' Crash PoC

18.10.2016

Bugtraq

[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17
ERPScan inc (erpscan online gmail com)

[SECURITY] [DSA 3693-1] libgd2 security update 2016-10-14
Moritz Muehlenhoff (jmm debian org)

Malware

Ransom:Win32/Polyglot.A 

W32.Coinbitminer

TrojanDownloader:PowerShell/Ploprolo.A 

Trojan.Trickybot

Phishing

Support ID.

18th October 2016

PAYPAL ALERT : VIEW YOUR
RECENT ACTIVITY.

Paypal

18th October 2016

SOMEONE LOGGED INTO YOUR
ACCOUNT FROM ANOTHER COUNTRY

Update Account

18th October 2016

UPDATE ACCOUNT

customer services

18th October 2016

PayPal : User Agreement
Changed

Bank of America

18th October 2016

Account Alert: irregular
activity

PayPal Intel

18th October 2016

Please update your
inforamtions !

@Paypal Service

18th October 2016

Reminder: Your account will be
Limited (Case ID
PP-703-105-118)

Apple

18th October 2016

IMPORTANT: APPLE PREVIEWS
MAJOR UPDATE

Apple

18th October 2016

YOUR INVOICE FROM APPLE

NatWest

18th October 2016

Your account has been closed

Eve

18th October 2016

Your Account Has Been Locked.

Microsoft

18th October 2016

Representative Inquiry

Mail Administrator

18th October 2016

Account Suspension Notice.

Maura Fleming

18th October 2016

Re: Desperate to H00kup

Merchant Center

18th October 2016

INTUIT PAYMENTS

Account Support

18th October 2016

we will close your account

V.l.S.A. Customer Services

18th October 2016

YOUR CREDIT CARD IS SUSPENDED

Apple

18th October 2016

Action Required : Apple Inc

Vanquis-Credit-Cards

18th October 2016

VANQUIS VISA COULD HELP YOU
BUILD YOUR CREDIT

customerservice

18th October 2016

Message important

Amazon

18th October 2016

IMPORTANT UPDATES FROM AMAZON

AOL

18th October 2016

AOL MAIL

Wells Fargo Online

18th October 2016

Wells Fargo Update Your
Account

Match & More

18th October 2016

A MORRISON GIFT CARD FOR YOU.
ENJOY.

Vulnerebility

Libdwarf 'dwarf_util.c' Heap Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93601

GraphicsMagick CVE-2016-8683 Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93600

GraphicsMagick CVE-2016-8682 Stack Based Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93597

ImageMagick 'pixel-accessor.h' Heap Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93599

ASUS RP-AC52 Access Point Multiple Security Vulnerabilities
2016-10-18
http://www.securityfocus.com/bid/93596

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93598

Libdwarf 'dwarf_util.c' Heap Based Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93595

PHP LibGD CVE-2016-8670 Stack Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93594

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/92452

Linux Kernel CVE-2016-6136 Local Information Disclosure Vulnerability
2016-10-18
http://www.securityfocus.com/bid/91558

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-10-18
http://www.securityfocus.com/bid/92214

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93563

Libdwarf CVE-2016-8681 Heap Based Buffer Overflow Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93592

JasPer CVE-2016-8691 Divide By Zero Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93593

WordPress 'recipes-writer' Plugin Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93589

Linux Kernel 'mm/memory.c' Local Code Execution Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93591

JasPer CVE-2016-8692 Divide By Zero Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93588

JasPer CVE-2016-8690 Null Pointer Dereference Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93590

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93567

JasPer CVE-2016-8693 Double Free Remote Code Execution Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93587

Qemu '/hw/net/rocker/rocker.c' Local Out-of-Bounds Read Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93566

WordPress pondol-carousel Plugin CVE-2016-1000145 Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93586

WordPress PhotoXhibit Plugin CVE-2016-1000144 Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93585

WordPress pondol-formmail Plugin 'admin-mail-info.php' Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93584

WordPress Simplified-Content Plugin CVE-2016-1000150 Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93581

WordPress S3 Video Plugin 'preview_video.php' Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93583

WordPress simpel-reserveren Plugin 'edit.php' Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93582

SHA-0/SHA-1 Reduced Operation Digest Collision Weakness
2016-10-18
http://www.securityfocus.com/bid/12577

WordPress tera-charts Plugin 'treemap.php' Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93580

WordPress 'tidio-form' Plugin Cross Site Scripting Vulnerability
2016-10-18
http://www.securityfocus.com/bid/93579

SANS News

OpenSSH Protocol Mismatch In Response to SSL Client Hello

Threatpost

Free SSL Providers Spark Unprecedented Growth in Encrypted Traffic

TrickBot Banking Trojan Could Be Dyre Rewrite

Exploit

 

17.10.2016

Bugtraq

[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17
ERPScan inc (erpscan online gmail com)

[SECURITY] [DSA 3693-1] libgd2 security update 2016-10-14
Moritz Muehlenhoff (jmm debian org)

Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
mehta himanshu21 gmail com

[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13
security-alert hpe com

Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com

Malware

 

Phishing

Apple

17th October 2016

YOUR APPLE ORDER

PayPal

17th October 2016

PAYPAL SUSPICIOUS SIGN-IN

Account Support

17th October 2016

WE'VE IIMITED ACCESS TO YOUR
PAYPAI ACCOUNT

Paypal

17th October 2016

SOMEONE LOGGED INTO YOUR
ACCOUNT FROM ANOTHER COUNTRY

Update Account

17th October 2016

UPDATE ACCOUNT

Paypal

17th October 2016

Your Paypal account Has been
limited

Rickert Sparks

17th October 2016

You could make 12k bucks a
week

PayPal Team

17th October 2016

Your account has been Iimited
untiI we hear from you

PayPal

17th October 2016

YOUR LAST CHANCE TO UPDATE
YOUR ACCOUNT INFORMATION.

Apple

17th October 2016

Your invoice No. 949824983

Apple Inc

17th October 2016

Help us protect your account

FedEx SmartPost

17th October 2016

JONA, PROBLEM WITH PARCEL
SHIPPING, ID:0000862354

River Cruise

17th October 2016

River Cruises - the new hot
way to travel

Wells Fargo Online

17th October 2016

Your Transaction(s) Request
Alert

DR. NBONGO MANAGING

17th October 2016

*(GROUPE UBA BANK) Benin
Republic.*
*UBA-BENIN­REPUBLIC* *Avenue
Jean-Paul II - 08 BP 0879 -
Cotonou - Bénin*

Congratulations

17th October 2016

Someone Has Sent You An Amazon
Gift Card

Vulnerebility

SHA-0/SHA-1 Reduced Operation Digest Collision Weakness
2016-10-17
http://www.securityfocus.com/bid/12577

WordPress tera-charts Plugin 'treemap.php' Cross Site Scripting Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93580

WordPress 'tidio-form' Plugin Cross Site Scripting Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93579

Magento CMS Multiple Cross-Site Request Forgery Vulnerabilities
2016-10-17
http://www.securityfocus.com/bid/93576

Magento CMS Flash File Uploader Cross Site Scripting Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93575

Microsoft Internet Explorer and Edge CVE-2016-3382 Remote Memory Corruption Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93386

PHP 'password_verify()' Function Out-of-Bounds Read Denial of Service Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93578

Microsoft Internet Explorer CVE-2016-3383 Remote Memory Corruption Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93396

PHP 'unserialize()' Function Use After Free Remote Code Execution Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93577

Microsoft Internet Explorer CVE-2016-3384 Remote Memory Corruption Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93393

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-10-17
http://www.securityfocus.com/bid/92452

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-10-17
http://www.securityfocus.com/bid/92214

Linux Kernel CVE-2016-6136 Local Information Disclosure Vulnerability
2016-10-17
http://www.securityfocus.com/bid/91558

Magento CMS APPSEC-1484 Remote Code Execution Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93573

Microsoft Edge CVE-2016-3386 Scripting Engine Remote Memory Corruption Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93426

Magento CMS Admin Dashboard Remote Code Execution Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93571

Magento CMS Invitations Feature HTML Injection Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93570

Adobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
2016-10-17
http://www.securityfocus.com/bid/93496

Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93472

Apache Tomcat CVE-2015-5346 Session Fixation Vulnerability
2016-10-17
http://www.securityfocus.com/bid/83323

Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2016-10-17
http://www.securityfocus.com/bid/74665

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-10-17
http://www.securityfocus.com/bid/91081

Node.js CVE-2016-5325 CRLF Injection Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93483

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93153

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93150

Node.js CVE-2016-7099 Security Bypass Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93191

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-10-17
http://www.securityfocus.com/bid/92984

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-10-17
http://www.securityfocus.com/bid/92630

PHP 'zend_virtual_cwd.c' Heap Based Buffer Overflow Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93574

Linux Kernel CVE-2016-7039 Stack Overflow Denial of Service Vulnerability
2016-10-17
http://www.securityfocus.com/bid/93476

SANS News

Analyzing Office Maldocs With Decoder.xls

Maldoc VBA Anti-Analysis: Video

Threatpost

US Reps Requesting Further Intel Around Yahoo Surveillance Story

Exploit

Ruby on Rails - Dynamic Render File Upload Remote Code Execution

PHP Telephone Directory - Multiple Vulnerabilities

Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation

Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)

Windows x64 - WinExec() Shellcode (93 bytes)

Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)

16.10.2016

Bugtraq

Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
mehta himanshu21 gmail com

[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13
security-alert hpe com

Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com

ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
apparitionsec gmail com

Malware

 

Phishing

Bank Of America

16th October 2016

KINDLY UPDATE YOUR ACCOUNT NOW

Nab Internet Banking

16th October 2016

Customer Satisftaction Survey!

service client

16th October 2016

PROBLEM IN YOUR ACCOUNT ON
8/15/2016

Apple

16th October 2016

CONFIRM YOUR ACCOUNT !

Paypal Service

16th October 2016

Your Paypal Account Will Be
Deactivated

PNC

16th October 2016

New Message From PNC

-...-T.h.a.n.k y.0.u-...-

16th October 2016

AUTOMATIC REPLY: HI JOEY SHOP
BIG WITH A 50 POUND ALDI GIFT
CARD

Dropbox

16th October 2016

DOC(JOEY @AOL.COM)

PayPal

15th October 2016

UNUSUAL ACTIVITY IN YOUR
PAYPAL ACCOUNT

Apple.

15th October 2016

PLEASE UPDATE YOUR APPLE
ACCOUNT !

Account Support

15th October 2016

WE'VE IIMITED ACCESS TO YOUR
PAYPAI ACCOUNT

creditcardservices@natwest.com

15th October 2016

NatWest Credit Card Support.

customercare@support.wmail.com

15th October 2016

rgwalker99@aol.com You have a
new notification

Paypal

15th October 2016

SOMEONE LOGGED INTO YOUR
ACCOUNT FROM ANOTHER COUNTRY

Update Account

15th October 2016

UPDATE ACCOUNT

Vulnerebility

Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2016-10-16
http://www.securityfocus.com/bid/77194

Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2016-10-16
http://www.securityfocus.com/bid/77181

Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93480

Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2016-10-16
http://www.securityfocus.com/bid/77164

Intel SSD Toolbox CVE-2016-8101 Local Privilege Escalation Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93482

Webmin Usermin CVE-2016-4897 Multiple Cross Site Scripting Vulnerabilities
2016-10-16
http://www.securityfocus.com/bid/93477

Multiple Toshiba FlashAir Products CVE-2016-4863 Security Bypass Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93479

Linux Kernel CVE-2016-7039 Stack Overflow Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93476

Xen CVE-2016-7777 Security Bypass Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93344

SetucoCMS Multiple Security Vulnerabilities
2016-10-16
http://www.securityfocus.com/bid/93475

Microsoft Windows 'Cryptography API: Next Generation' Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93481

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93469

Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93478

IBM Financial Transaction Manager CVE-2016-3060 Clickjacking Vulnerability
2016-10-16
http://www.securityfocus.com/bid/92633

Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93472

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93474

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/93473

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2016-10-16
http://www.securityfocus.com/bid/90865

Mozilla Network Security Services CVE-2016-1938 Weak Encryption Multiple Security Weaknesses
2016-10-16
http://www.securityfocus.com/bid/81955

IBM WebSphere Application Server CVE-2016-0359 HTTP Response Splitting Vulnerability
2016-10-16
http://www.securityfocus.com/bid/91484

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2016-10-16
http://www.securityfocus.com/bid/75919

Jinja2 Incomplete Fix Insecure File Permissions Vulnerability
2016-10-16
http://www.securityfocus.com/bid/64787

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2016-10-16
http://www.securityfocus.com/bid/90856

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/90864

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2016-10-16
http://www.securityfocus.com/bid/84992

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-10-16
http://www.securityfocus.com/bid/89854

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2016-10-16
http://www.securityfocus.com/bid/85059

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2016-10-16
http://www.securityfocus.com/bid/90696

Oracle Java SE CVE-2016-3458 Remote Security Vulnerability
2016-10-16
http://www.securityfocus.com/bid/91945

Oracle Java SE and JRockit CVE-2016-3508 Remote Security Vulnerability
2016-10-16
http://www.securityfocus.com/bid/91972

SANS News

pseudoDarkleech Rig EK

Maldoc VBA Anti-Analysis

Threatpost

Ghost Push Trojan Flourishing Via Malicious Links

Sierra Wireless Warns Cellular Data Gear Targeted by Mirai Malware

Exploit

 

Simple Forum PHP 2.4 - SQL Injection

Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)

YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site...

NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation

15.10.2016

Bugtraq

Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
mehta himanshu21 gmail com

[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13
security-alert hpe com

Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com

ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
apparitionsec gmail com

Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability 2016-10-12
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Multiple Vulnerabilities in Plone CMS 2016-10-12
Sebastian Perez (s3bap3 gmail com)

[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11
security-alert hpe com

Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)

Malware

Ransom.Googo

Exp.CVE-2016-3382

Exp.CVE-2016-7191

Exp.CVE-2016-3383

Exp.CVE-2016-3385

Trojan.Wininfos

Trojan.Groover

Phishing

Peter Sykes

14th October 2016

HELLO M

-...-T.h.a.n.k y.0.u-...-

14th October 2016

AUTOMATIC REPLY: HI JOKEY GET
A A.M.A.Z.O.N GIFT CARD!

Amazn

14th October 2016

$50 Giftcard for Feedback from
your recent purchases at Amazn

Bank Of America

14th October 2016

KINDLY UPDATE YOUR ACCOUNT NOW

security admin

14th October 2016

check out our HUGE line of
security cameras

Nab Internet Banking

14th October 2016

Customer Satisftaction Survey!

NatWest

14th October 2016

Important information about
your account

Apple

14th October 2016

CONFIRM YOUR ACCOUNT !

SunTrust Online.

14th October 2016

New masgge From SunTrust
Online Support

National

13th October 2016

JOB OFFER

Vulnerebility

Siemens Automation License Manager Multiple Security Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93553

OSIsoft PI Web API 2015 R2 CVE-2016-8353 Account Permission Security Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93552

SIMATIC STEP 7 (TIA Portal) Multiple Local Information Disclosure Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93551

Cisco IOS and IOS XE Software CVE-2016-6385 Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93203

Cisco IOS and IOS XE Software Multiple Denial of Service Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93211

Cisco IOS and IOS XE Software CVE-2016-6380 Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93201

Multiple Fatek Automation Products Multiple Remote Code Execution Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93105

Moxa ioLogik E1200 Series Multiple Security Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93550

ZendStudio IDE Local Privilege Escalation Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93546

Kabona AB WDC ICSA-16-287-07 Multiple Security Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93547

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93544

Mozilla Firefox Multiple Security Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93049

SAP Adaptive Server Enterprise Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93545

GnuPG and Libgcrypt CVE-2016-6313 Local Predictable Random Number Generator Weakness
2016-10-14
http://www.securityfocus.com/bid/92527

GNU Libgcrypt CVE-2015-7511 Security Bypass Vulnerability
2016-10-14
http://www.securityfocus.com/bid/83253

Libgcrypt CVE-2015-0837 Local Information Disclosure Vulnerability
2016-10-14
http://www.securityfocus.com/bid/73064

libgcrypt Elgamal Decryption 'cipher/elgamal.c' Information Disclosure Vulnerability
2016-10-14
http://www.securityfocus.com/bid/73066

Quagga CVE-2016-2342 Stack Buffer Overflow Vulnerability
2016-10-14
http://www.securityfocus.com/bid/84318

bubblewrap CVE-2016-8659 Local Privilege Escalation Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93542

Juniper Junos Space Multiple Security Vulnerabilities
2016-10-14
http://www.securityfocus.com/bid/93540

PHP CVE-2016-7132 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/92767

PHP CVE-2016-7131 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/92768

PHP 'ext/gd/gd.c' Information Disclosure Vulnerability
2016-10-14
http://www.securityfocus.com/bid/92757

WordPress Tidio-Gallery Plugin Cross Site Scripting Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93543

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93541

PHP CVE-2016-7412 Heap Based Buffer Overflow Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93005

PHP CVE-2016-7416 Stack Buffer Overflow Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93008

PHP CVE-2016-7413 Use After Free Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93006

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7414 Heap Buffer Overflow Vulnerability
2016-10-14
http://www.securityfocus.com/bid/93004

SANS News

New tool: docker-mount.py

Threatpost

Cisco Patches Critical Bug In Video Conferencing Server Hardware

Facebook Bug Bounty Program Pays Out $5 Million in Five Years

Google Handles Record Number of Government Requests for Data

Google Plugs 21 Security Holes in Chrome

Popular Android App Leaks Microsoft Exchange User Credentials

Exploit

Simple Forum PHP 2.4 - SQL Injection

Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)

YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Cross Site Scripting

NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation

Thatware 0.4.6 - SQL Injection

Simple Blog PHP 2.0 - Multiple Vulnerabilities

Simple Blog PHP 2.0 - SQL Injection

Colorful Blog - Stored Cross Site Scripting

Colorful Blog - Cross-Site Request Forgery (Change Admin Password)

14.10.2016

Bugtraq

Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
apparitionsec gmail com

ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
apparitionsec gmail com

Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability 2016-10-12
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Multiple Vulnerabilities in Plone CMS 2016-10-12
Sebastian Perez (s3bap3 gmail com)

[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11
security-alert hpe com

Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)

Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
admin@evolution-sec.com (admin evolution-sec com)

[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11
Gergely Eberhardt (gergely eberhardt search-lab hu)

Malware

 

Phishing

Customer service

13th October 2016

New Message from PayPal Member

Root User

13th October 2016

THANK YOU FOR YOUR ORDER

Mail Service

13th October 2016

EMAIL ALERT

❤BraziliaW0men_Team❤

13th October 2016

JOEY ✉HERE YOU CAN FIND THE
MOST BEAUTIFUL SINGLES FROM
BRAZIL

VlSA Online Services

13th October 2016

YOUR CREDITCARD IS SUSPENDED

Apple Security Team

12th October 2016

[ITUNES VERIFICATION]: LAST
REMINDER YOU MUST UPDATE YOUR
APPLE ID INFORMATION

Vulnerebility

Juniper JunosE CVE-2016-4925 Denial of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93533

Juniper Junos J-Web CVE-2016-4923 Cross Site Scripting Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93529

Juniper vMX CVE-2016-4924 Local Security Bypass Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93531

Juniper Junos CVE-2016-4921 Denial of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93532

Multiple Huawei Smart Phones Drivers Stack Buffer Overflow and Heap Buffer Overflow Vulnerabilities
2016-10-13
http://www.securityfocus.com/bid/93530

Appweb CVE-2014-9708 Null Pointer Deference Denial of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/73407

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/91453

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/53487

Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
2016-10-13
http://www.securityfocus.com/bid/71549

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2016-10-13
http://www.securityfocus.com/bid/69647

Cisco IOS XE Software CVE-2016-6438 Remote Security Bypass Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93518

Cisco Unified Communications Manager CVE-2016-6440 Clickjacking Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93521

Cisco Wide Area Application Services CVE-2016-6437 Remote Denial of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93524

Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
2016-10-13
http://www.securityfocus.com/bid/92100

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/69648

POI CVE-2014-9527 Denial-Of-Service Vulnerability
2016-10-13
http://www.securityfocus.com/bid/77726

Cisco Meeting Server CVE-2016-6445 Authentication Bypass Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93517

IBM Kenexa LMS on Cloud CVE-2016-5939 Unspecified SQL-Injection Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93523

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93522

Linux Kernel 'usbhid/hiddev.c' Local Heap Buffer Overflow Vulnerability
2016-10-13
http://www.securityfocus.com/bid/91450

Linux Kernel Local Memory Corruption and Integer Overflow Vulnerabilities
2016-10-13
http://www.securityfocus.com/bid/84305

Google Chrome CVE-2016-7549 Multiple Denial of Service Vulnerabilities
2016-10-13
http://www.securityfocus.com/bid/93160

JGroups CVE-2016-2141 Authorization Bypass Vulnerability
2016-10-13
http://www.securityfocus.com/bid/91481

IBM Kenexa LCMS Premier CVE-2016-5952 Unspecified SQL-Injection Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93520

RETIRED: POI CVE-2014-3529 Remote Security Vulnerability
2016-10-13
http://www.securityfocus.com/bid/78018

VMware Horizon View CVE-2016-7087 Directory Traversal Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93455

Cisco Finesse CVE-2016-6442 Cross Site Request Forgery Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93519

IBM Jazz Foundation CVE-2016-3014 Unspecified Cross-Site Scripting Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93515

IBM Cloud Orchestrator CVE-2016-0204 Unspecified Open Redirection Vulnerability
2016-10-13
http://www.securityfocus.com/bid/93512

Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities
2016-10-13
http://www.securityfocus.com/bid/93238

SANS News

 

Threatpost

Gary McGraw on BSIMM7 and Secure Software Development

Disappearing Messages Added to Signal App

Vera Bradley Retail Chain Breached

Android Fragmentation Sinks Patching Gains

Exploit

VOX Music Player 2.8.8 - '.pls' Denail of Service

ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation

InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation

ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation

IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation

Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption

Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption

Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption

Android - Binder Generic ASLR Leak

Subversion 1.6.6 / 1.6.12 - Code Execution

Categorizator 0.3.1 - SQL Injection

NetBilletterie 2.8 - Multiple Vulnerabilities

ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting

OpenCimetiere v3.0.0-a5 - Blind SQL Injection

ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery

13.10.2016

Bugtraq

Multiple Vulnerabilities in Plone CMS 2016-10-12
Sebastian Perez (s3bap3 gmail com)

[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11
security-alert hpe com

Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)

Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
admin@evolution-sec.com (admin evolution-sec com)

[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11
Gergely Eberhardt (gergely eberhardt search-lab hu)

SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) 2016-10-11
SEC Consult Vulnerability Lab (research sec-consult com)

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-11
matthias deeg syss de

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-10
matthias deeg syss de

Malware

Trojan.Tipsy

Phishing

Tegan Ryan

12th October 2016

LUCKY 247 PRESENTS: LIMITED
TIME BONUS PACKAGE

PayPaL

12th October 2016

Please update your credit card
information

HM Revenue &

12th October 2016

Tax repayments from 2014/2015

Support

12th October 2016

YOUR ACCOUNT STATUS HAS BEEN
CHANGED.

Chase

11th October 2016

UPDATE YOUR ACCOUNT NOW

Tesco Bank

11th October 2016

ONLINE ACCOUNT ALERT

FPC

11th October 2016

GET £15 AMAZON VOUCHER WHEN
YOU TAKE OUT HOME ENERGY PLAN
WITH US

Vulnerebility

Oracle E-Business Suite CVE-2016-3535 Remote Security Vulnerability
2016-10-12
http://www.securityfocus.com/bid/91845

SAP Netweaver CVE-2016-7435 Multiple OS Command Injection Vulnerabilities
2016-10-12
http://www.securityfocus.com/bid/93272

VMware vRealize Operations CVE-2016-7457 Unspecified Remote Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93499

Microsoft Internet Explorer and Edge CVE-2016-3391 Information Disclosure Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93379

MatrixSSL VU#396440 Heap Based Buffer Overflow and Multiple Denial of Service Vulnerabilities
2016-10-12
http://www.securityfocus.com/bid/93498

HarfBuzz CVE-2015-8947 Denial of Service Vulnerability
2016-10-12
http://www.securityfocus.com/bid/92039

Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2016-10-12
http://www.securityfocus.com/bid/77211

OpenStack Glance CVE-2016-0757 Security Bypass Vulnerability
2016-10-12
http://www.securityfocus.com/bid/82696

Microsoft Internet Explorer CVE-2016-3298 Multiple Information Disclosure Vulnerabilities
2016-10-12
http://www.securityfocus.com/bid/93392

Microsoft Internet Explorer and Edge CVE-2016-3331 Remote Memory Corruption Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93387

Microsoft Internet Explorer and Edge CVE-2016-3382 Remote Memory Corruption Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93386

Microsoft Internet Explorer and Edge CVE-2016-3390 Remote Memory Corruption Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93383

Microsoft Internet Explorer and Edge CVE-2016-3388 Remote Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93382

Microsoft Windows Graphics Component CVE-2016-3393 Remote Code Execution Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93377

Microsoft Windows Graphics CVE-2016-7182 Remote Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93395

Microsoft Windows Graphics Component CVE-2016-3396 Remote Code Execution Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93380

Microsoft Internet Explorer and Edge CVE-2016-3387 Remote Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93381

Microsoft Windows Graphics Component CVE-2016-3270 Local Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93403

Microsoft Windows Graphics Component CVE-2016-3262 Information Disclosure Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93390

Microsoft Internet Explorer and Edge CVE-2016-3267 Information Disclosure Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93376

Microsoft Windows Graphics Component CVE-2016-3209 Information Disclosure Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93385

Microsoft Windows Graphics Component CVE-2016-3263 Information Disclosure Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93394

Microsoft Office CVE-2016-7193 Memory Corruption Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93372

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3376 Local Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93388

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7185 Local Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93389

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3266 Local Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93384

Microsoft Transaction Manager CVE-2016-3341 Local Privilege Escalation Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93391

Microsoft Azure Active Directory Passport CVE-2016-7191 Authentication Bypass Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93213

Microsoft Windows CVE-2016-0142 Remote Code Execution Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93378

Microsoft Internet Explorer CVE-2016-3383 Remote Memory Corruption Vulnerability
2016-10-12
http://www.securityfocus.com/bid/93396

SANS News

WiFi Still Remains a Good Attack Vector

Threatpost

StrongPity APT Covets Secrets of Crypto Users

IoT Botnet Uses HTTP Traffic to DDoS Targets

Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash

Microsoft Patches Five Zero Days Under Attack

Exploit

Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)

Android - 'gpsOneXtra' Data Files Denial of Service

BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery

phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery

AVTECH IP Camera, NVR, and DVR Devices - Multiple Vulnerabilities

RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection

ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting

ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)

Minecraft Launcher - Insecure File Permissions Privilege Escalation

sheed AntiVirus - Unquoted Service Path Privilege Escalation

Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)

12.10.2016

Bugtraq

Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)

Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
admin@evolution-sec.com (admin evolution-sec com)

[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11
Gergely Eberhardt (gergely eberhardt search-lab hu)

SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) 2016-10-11
SEC Consult Vulnerability Lab (research sec-consult com)

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-11
matthias deeg syss de

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-10
matthias deeg syss de

Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
Nightwatch Cybersecurity Research (research nightwatchcybersecurity com)

[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks 2016-10-10
matthias deeg syss de

Malware

Trojan.Sofluxer

Exp.CVE-2016-0199

Phishing

Tesco Bank

10th October 2016

*** *** Re-activate your
Online Banking

NatWest

10th October 2016

IMPORTANT INFORMATION ABOUT
YOUR ACCOUNT

Tesco Bank

10th October 2016

*** *** Terms and Conditions

TEAM APP

10th October 2016

Warning : Activate Your
Account.

service@paypal.com

10th October 2016

Unusual Activity in your
account

CareerBuilder

10th October 2016

CareerBuilder: We need Agent-
Missed Call

BARCLAYS PLC

10th October 2016

Access Suspended Notification

Account Notification

10th October 2016

VIEW YOUR RECENT ACTIVITY

BigPond

10th October 2016

[Norton Anti]Urgent update!

BANK OF AMERICA

10th October 2016

Bank of America Corporate
Office Headquarters

Wells Fargo

10th October 2016

Wells Fargo Contact
Information Updated

Meridian CU

10th October 2016

[Shaw Suspected Junk Email]
Notification Regarding Your
Meridian Account !

REV. STEVE GRANT

10th October 2016

YOUR URGENT RESPONSE IS HIGHLY
NEEDED

AOL

10th October 2016

i made you a video?

Barclays Bank PLC

10th October 2016

You have new available
documents available in
Barclays Cloud It

Mail Account

10th October 2016

SETTINGS

PayPal

10th October 2016

Your Last Chance To Update
Your Account Paypal
Information.

Barclays

10th October 2016

Access to online banking has
been blocked

Yahoo.com

10th October 2016

[1722008]201612CCAPF2016331-43
[82pqyjh9ab5lkpbna05uj3g3cw6bk
6oxr13j]

VISA

10th October 2016

WE ARE SORRY BUT YOUR
CREDIT/DEBIT CARD IS
SUSPENDED.

PayPal Alert

10th October 2016

PAYPAL SUSPICIOUS SIGN-IN

USAA

10th October 2016

NEW USAA ONLINE MESSAGE

USAA

10th October 2016

Your access to usaa.com will
be restricted

PayPal.inc

10th October 2016

FWD: [ PAYPAL ] : ACCOUNT
NOTICE !

Vulnerebility

Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77148

Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77192

Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77163

Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77160

Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77207

Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77241

Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77126

Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77200

Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77194

Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77181

Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93480

Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2016-10-11
http://www.securityfocus.com/bid/77164

Intel SSD Toolbox CVE-2016-8101 Local Privilege Escalation Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93482

Webmin Usermin CVE-2016-4897 Multiple Cross Site Scripting Vulnerabilities
2016-10-11
http://www.securityfocus.com/bid/93477

Multiple Toshiba FlashAir Products CVE-2016-4863 Security Bypass Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93479

Linux Kernel CVE-2016-7039 Stack Overflow Denial of Service Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93476

Xen CVE-2016-7777 Security Bypass Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93344

SetucoCMS Multiple Security Vulnerabilities
2016-10-11
http://www.securityfocus.com/bid/93475

Microsoft Windows 'Cryptography API: Next Generation' Denial of Service Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93481

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93469

Apache Tomcat CVE-2016-6325 Local Privilege Escalation Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93478

IBM Financial Transaction Manager CVE-2016-3060 Clickjacking Vulnerability
2016-10-11
http://www.securityfocus.com/bid/92633

Apache Tomcat CVE-2016-5425 Insecure File Permissions Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93472

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93474

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-10-11
http://www.securityfocus.com/bid/93473

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2016-10-11
http://www.securityfocus.com/bid/90865

Mozilla Network Security Services CVE-2016-1938 Weak Encryption Multiple Security Weaknesses
2016-10-11
http://www.securityfocus.com/bid/81955

IBM WebSphere Application Server CVE-2016-0359 HTTP Response Splitting Vulnerability
2016-10-11
http://www.securityfocus.com/bid/91484

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2016-10-11
http://www.securityfocus.com/bid/75919

Jinja2 Incomplete Fix Insecure File Permissions Vulnerability
2016-10-11
http://www.securityfocus.com/bid/64787

SANS News

 

Threatpost

 

Exploit

Minecraft Launcher - Insecure File Permissions Privilege Escalation

HP Client - Automation Command Injection / Remote Code Execution

Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)

11.10.2016

Bugtraq

Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
Nightwatch Cybersecurity Research (research nightwatchcybersecurity com)

[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks 2016-10-10
matthias deeg syss de

[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-10-10
matthias deeg syss de

Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability 2016-10-05
Vulnerability Lab (research vulnerability-lab com)

Clean Master v1.0 - Unquoted Path Privilege Escalation 2016-10-05
Vulnerability Lab (research vulnerability-lab com)

Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Win32/SupTab 
Win32/Ghokswa 
Win32/Sasquor 

Phishing

 

Vulnerebility

IBM WebSphere Application Server Liberty Profile CVE-2016-2923 Information Disclosure Vulnerability
2016-10-10
http://www.securityfocus.com/bid/91518

Apache POI CVE-2016-5000 XML External Entity Injection Vulnerability
2016-10-10
http://www.securityfocus.com/bid/92100

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2016-10-10
http://www.securityfocus.com/bid/90865

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/90864

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2016-10-10
http://www.securityfocus.com/bid/90856

Apache Xerces-C CVE-2016-4463 Stack Buffer Overflow Vulnerability
2016-10-10
http://www.securityfocus.com/bid/91501

POI CVE-2014-9527 Denial-Of-Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/77726

POI CVE-2014-3529 Remote Security Vulnerability
2016-10-10
http://www.securityfocus.com/bid/78018

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/69648

Apache POI CVE-2012-0213 Denial Of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/53487

Nagios 'process_cgivars()' Function Off-By-One Error Denial Of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/64489

Snoopy CVE-2008-7313 Arbitrary Command Execution Vulnerability
2016-10-10
http://www.securityfocus.com/bid/68776

Icinga Web GUI CVE-2013-7108 Multiple Off-By-One Memory Corruption Vulnerabilities
2016-10-10
http://www.securityfocus.com/bid/64363

Snoopy '_httpsrequest()' Arbitrary Command Execution Vulnerability
2016-10-10
http://www.securityfocus.com/bid/31887

Nagios CVE-2013-4214 Insecure Temporary File Creation Vulnerability
2016-10-10
http://www.securityfocus.com/bid/61747

Snoopy CVE-2014-5009 Arbitrary Command Execution Vulnerability
2016-10-10
http://www.securityfocus.com/bid/68783

Icinga 'cgi/cmd.c' Stack Buffer Overflow Vulnerability
2016-10-10
http://www.securityfocus.com/bid/65605

Snoopy 'exec()' Arbitrary Command Execution Vulnerability
2016-10-10
http://www.securityfocus.com/bid/68419

nginx CVE-2016-4450 Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/90967

nginx Multiple Denial of Service Vulnerabilities
2016-10-10
http://www.securityfocus.com/bid/82230

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-10-10
http://www.securityfocus.com/bid/83423

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/91453

libgit2 CVE-2016-8568 Out-of-Bounds Read Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93466

libgit2 CVE-2016-8569 Null Pointer Dereference Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93465

GraphicsMagick CVE-2016-7997 NULL Pointer Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93467

Qemu 'hcd-ehci.c' Memory Leak Denial of Service Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93454

SPIP Multiple Security Vulnerabilities
2016-10-10
http://www.securityfocus.com/bid/93451

QEMU 'hw/display/virtio-gpu.c' Information Disclosure Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93453

Multiple RedHat JBoss Products CVE-2016-7065 Remote Code Execution Vulnerability
2016-10-10
http://www.securityfocus.com/bid/93462

Cybozu Office Multiple Security Bypass Vulnerabilities
2016-10-10
http://www.securityfocus.com/bid/93461

SANS News

Radare2: rahash2

Threatpost

When DVRs Attack: A Post IoT Attack Analysis

The Ethics and Morality Behind APT Reports

Exploit

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)

PHP Press Release - Cross-Site Request Forgery (Add Admin)

PHP Press Release - Stored Cross Site Scripting

Wacom Consumer Service - Unquoted Service Path Privilege Escalation

Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation

Fitbit Connect Service - Unquoted Service Path Privilege Escalation

10.10.2016

Bugtraq

 

Malware

 

Phishing

Apple Security'

9th October 2016

[SUPPORT]: SOMEONE HAS
INFILTRATED IN TO YOUR
ACCOUNT, PLEASE RVIEW YOUR
INFORMATION

SANTANDER BANK

9th October 2016

SANTANDER BANK SECURE
NOTIFICATION

Thank You!

9th October 2016

J, PLEASE RESPOND!

Barclays

9th October 2016

Your account might be
compromised

U.S. Bank

9th October 2016

Account information needs to
be update.

Lloyds

9th October 2016

Access To Your Account(s) Has
Been Disabled.

Chase Online

8th October 2016

Important Immediate Action
Required [Chase]

Thank You!

8th October 2016

JO, PLEASE RESPOND!

Steve Katz

8th October 2016

DOORS HAVE BEEN OPENED AND YOU
ARE INVITED

Account Support

8th October 2016

YOUR ACCOUNT IS TEMPORARILY
DISABLED

Vulnerebility

 

SANS News

First Hurricane Matthew related Phish

Unauthorized Change Detected!

Threatpost

Cisco Warns of Critical Flaws in Nexus Switches

The Ethics and Morality Behind APT Reports

Exploit

BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation

Waves Audio Service - Unquoted Service Path Privilege Escalation

7.10.2016

Bugtraq

 

Malware

SoftwareBundler:Win32/Stallmonitz
Win32/SupTab
Exploit:HTML/Meadgive.Y 
Exploit:HTML/Meadgive.W 

Win32/Filecoder.Locky.H

Win32/Filecoder.Locky.C

Trojan.Toshliph

Infostealer.Fastpos

Ransom.HadesLocker

Trojan.Agentemis

Phishing

PayPal

7th October 2016

Your PayPal account has been
closed temporarily!!

Chase Online

7th October 2016

Important Immediate Action
Required [Chase]

Microsoft

7th October 2016

You Have 584 Alert
Notifications

HSBC Credit

7th October 2016

HSBC - Warning message

SunTrust

7th October 2016

1 New Message

American Express

7th October 2016

Confirm your online account

Apple

6th October 2016

APPLE ACCOUNT UPDATE

Survey Rewards

6th October 2016

SPECIAL: TAKE A £50 AMAZON
GIFT CARD!

NatWest

6th October 2016

NatWest - NatWest Secure
Password Reset Confirmation

Microsoft

6th October 2016

IMPORTANT NOTIFICATION!

Amazon

6th October 2016

Your Amazon order "Gift Card -
Email....."

Halifax Bank

6th October 2016

NEW ACCOUNT NOTICE

M&S

6th October 2016

IMPORTANT: YOUR ACCOUNT HAS
RECEIVED A VOUCHER

App Store

4th October 2016

UPDATES TO YOUR APPS AVAILABLE

Vulnerebility

 

SANS News

To report any scams/malware related to Hurricane Matthew, use our contact form: https://isc.sans.edu/contact.html

Threatpost

Juan Andres Guerrero-Saade and Brian Bartholomew on APT False Flags and Attribution

Mobile App Collusion Can Bypass Native Android Security

Web-Based Keylogger Used to Steal Credit Card Data from Popular Sites

Free Tool Protects Mac Users from Webcam Surveillance

Exploit

Comodo Dragon Browser - Unquoted Service Path Privilege Escalation

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Billion Router 7700NR4 - Remote Command Execution

Exagate WEBPack Management System - Multiple Vulnerabilities

Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)

Advance MLM Script - SQL Injection

PHP Classifieds Rental Script - Blind SQL Injection

B2B Portal Script - Blind SQL Injection

MLM Unilevel Plan Script 1.0.2 - SQL Injection

Just Dial Clone Script - SQL Injection

BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation

Waves Audio Service - Unquoted Service Path Privilege Escalation

4.10.2016

Bugtraq

Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities 2016-10-04
Vulnerability Lab (research vulnerability-lab com)

AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit 2016-10-04
Vulnerability Lab (research vulnerability-lab com)

TeempIp XSS Cookie Theft 2016-10-03
apparitionsec gmail com

[SECURITY] [DSA 3684-1] libdbd-mysql-perl security update 2016-10-03
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 3681-2] wordpress regression update 2016-10-01
Yves-Alexis Perez (corsac debian org)

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
Dawid Golunski (dawid legalhackers com)

Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)

Malware

 

Phishing

App Store

4th October 2016

UPDATES TO YOUR APPS AVAILABLE

Vulnerebility

Sophos UTM Multiple Local Information Disclosure Vulnerabilities
2016-10-04
http://www.securityfocus.com/bid/93266

Linux Kernel CVE-2016-5344 Multiple Integer Overflow Vulnerabilities
2016-10-04
http://www.securityfocus.com/bid/92695

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/91704

Linux Kernel CVE-2016-5342 Local Heap Buffer Overflow Vulnerability
2016-10-04
http://www.securityfocus.com/bid/92693

Google Android CVE-2016-6673 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93321

Linux Kernel CVE-2016-2059 Local Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/90230

Linux Kernel CVE-2016-3860 Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93320

Google Android NVIDIA GPU Driver CVE-2016-6677 Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93319

Linux Kernel CVE-2016-5340 Security Bypass Vulnerability
2016-10-04
http://www.securityfocus.com/bid/92374

Linux Kernel CVE-2015-8950 Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93318

Linux Kernel CVE-2015-8951 Memory Corruption Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93317

Linux Kernel 'lib/asn1_decoder.c' Local Memory Corruption Vulnerability
2016-10-04
http://www.securityfocus.com/bid/90626

Google Android CVE-2016-3922 Remote Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93315

Google Android CVE-2016-6674 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93316

Linux Kernel CVE-2016-3931 Remote Code Execution Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93313

Linux Kernel CVE-2015-8955 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93314

Google Android Mediaserver Multiple Privilege Escalation Vulnerabilities
2016-10-04
http://www.securityfocus.com/bid/93311

Linux Kernel CVE-2015-0572 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93312

Google Android CVE-2016-3923 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93310

Linux Kernel Multiple Information Disclosure Vulnerabilities
2016-10-04
http://www.securityfocus.com/bid/93309

Google Android CVE-2016-3911 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93303

Google Android CVE-2016-3928 Remote Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93308

Google Android Framework Listener CVE-2016-3921 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93307

Google Android CVE-2016-3930 Remote Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93306

Google Nexus Motorola USBNet Driver CVE-2016-6678 Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93305

Linux Kernel CVE-2016-7117 Use-After-Free Remote Code Execution Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93304

Google Nexus CVE-2016-6690 Denial of Service Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93301

Google Android Framework APIs CVE-2016-3912 Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93302

Google Android AOSP Mail CVE-2016-3918 Information Disclosure Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93299

Google Android CVE-2016-3914 Remote Privilege Escalation Vulnerability
2016-10-04
http://www.securityfocus.com/bid/93300

SANS News

Password Buddies: A Better Way To Reset Passwords

Threatpost

Apple To Block WoSign Intermediate Certificates

Hack Crashes Linux Distros with 48 Characters of Code

Exploit

Android - Insufficient Binder Message Verification Pointer Leak

Disk Pulse Enterprise 9.0.34 - Buffer Overflow Exploit

DWebPro 8.4.2 - Multiple Vulnerabilities

Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation

Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)

3.10.2016

Bugtraq

[SECURITY] [DSA 3681-2] wordpress regression update 2016-10-01
Yves-Alexis Perez (corsac debian org)

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
Dawid Golunski (dawid legalhackers com)

Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)

[SYSS-2016-060] Logitech M520 - Insufficient Verification of Data Authenticity (CWE-345) 2016-09-30
matthias deeg syss de

Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability 2016-09-29
Mike Kienenberger (mkienenb gmail com)

Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
Tim Schughart (t schughart prosec-networks com)

Malware

 

Phishing

 

Vulnerebility

Joomla! Huge-IT Catalog Extension CVE-2016-1000125 SQL Injection Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93265

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93264

Ruby OpenSSL Security Bypass Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93031

Apache Tomcat CVE-2016-1240 Local Privilege Escalation Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93263

Pacemaker CVE-2016-7797 Remote Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93261

Google Chrome OS Security Bypass and Arbitrary Code Execution Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/93260

C-ares CVE-2016-5180 Out of Bounds Write Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93243

BB&T U CVE-2016-6550 SSL Certificate Validation Security Bypass Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93259

phpMyAdmin CVE-2016-6607 Multiple Cross Site Scripting Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/93257

phpMyAdmin CVE-2016-6608 Multiple Cross Site Scripting Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/93258

phpMyAdmin CVE-2016-5733 Multiple Cross Site Scripting Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/91390

phpMyAdmin CVE-2016-6624 Security Bypass Vulnerability
2016-10-03
http://www.securityfocus.com/bid/92489

QEMU 'megasas_ctrl_get_info()' Information Disclosure Vulnerability
2016-10-03
http://www.securityfocus.com/bid/91097

Google Chrome Prior to 50.0.2661.102 Multiple Security Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/90584

Abus Security Center 'FTP' HTML Injection Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93254

Qemu CVE-2016-6833 Use After Free Memory Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93255

Multiple NVIDIA Products CVE-2016-4959 Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/93256

QEMU CVE-2016-7422 Null Pointer Dereference Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/92996

Multiple NVIDIA Products Local Privilege Escalation and Denial of Service Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/93251

QEMU 'hw/scsi/mptconfig.c' Multiple Local Denial of Service Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/92775

QEMU 'pvscsi_convert_sglist()' Function Local Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/92774

Python Twisted CVE-2016-1000111 Security Bypass Vulnerability
2016-10-03
http://www.securityfocus.com/bid/91820

QEMU 'Transmit(tx) Queue' Processing Information Disclosure Vulnerability
2016-10-03
http://www.securityfocus.com/bid/92444

QEMU File Handling Multiple Directory Traversal Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/92680

QEMU '/hw/net/net_tx_pkt.c' Packet Fragmentation Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/92446

QEMU 'get_cmd()' Function Denial of Service Vulnerability
2016-10-03
http://www.securityfocus.com/bid/90995

QEMU 'hw/scsi/esp.c' Multiple Remote Code Execution Vulnerabilities
2016-10-03
http://www.securityfocus.com/bid/91079

QEMU 'block/iscsi.c' Heap Based Buffer Overflow Vulnerability
2016-10-03
http://www.securityfocus.com/bid/90948

QEMU CVE-2016-4454 Memory Corruption Vulnerability
2016-10-03
http://www.securityfocus.com/bid/90927

QEMU CVE-2016-4441 Remote Code Execution Vulnerability
2016-10-03
http://www.securityfocus.com/bid/90762

SANS News

The Short Life of a Vulnerable DVR Connected to the Internet

Threatpost

Researchers Break MarsJoke Ransomware Encryption

Mozilla Reduces Threat of Export-Grade Crypto to Firefox

Source Code Released for Mirai DDoS Malware

Exploit

Windows Firewall Control - Unquoted Service Path Privilege Escalation

2.10.2016

Bugtraq

Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)

[SYSS-2016-060] Logitech M520 - Insufficient Verification of Data Authenticity (CWE-345) 2016-09-30
matthias deeg syss de

Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability 2016-09-29
Mike Kienenberger (mkienenb gmail com)

Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
Tim Schughart (t schughart prosec-networks com)

[security bulletin] HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification 2016-09-29
security-alert hpe com

Malware

Ransom.Xpan

Phishing

 

Vulnerebility

BB&T U CVE-2016-6550 SSL Certificate Validation Security Bypass Vulnerability
2016-10-02
http://www.securityfocus.com/bid/93259

phpMyAdmin CVE-2016-6607 Multiple Cross Site Scripting Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/93257

phpMyAdmin CVE-2016-6608 Multiple Cross Site Scripting Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/93258

phpMyAdmin CVE-2016-5733 Multiple Cross Site Scripting Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/91390

phpMyAdmin CVE-2016-6624 Security Bypass Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92489

QEMU 'megasas_ctrl_get_info()' Information Disclosure Vulnerability
2016-10-02
http://www.securityfocus.com/bid/91097

Google Chrome Prior to 50.0.2661.102 Multiple Security Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/90584

Abus Security Center 'FTP' HTML Injection Vulnerability
2016-10-02
http://www.securityfocus.com/bid/93254

Qemu CVE-2016-6833 Use After Free Memory Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/93255

Multiple NVIDIA Products CVE-2016-4959 Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/93256

QEMU CVE-2016-7422 Null Pointer Dereference Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92996

Multiple NVIDIA Products Local Privilege Escalation and Denial of Service Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/93251

QEMU 'hw/scsi/mptconfig.c' Multiple Local Denial of Service Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/92775

QEMU 'pvscsi_convert_sglist()' Function Local Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92774

Python Twisted CVE-2016-1000111 Security Bypass Vulnerability
2016-10-02
http://www.securityfocus.com/bid/91820

QEMU 'Transmit(tx) Queue' Processing Information Disclosure Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92444

QEMU File Handling Multiple Directory Traversal Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/92680

QEMU '/hw/net/net_tx_pkt.c' Packet Fragmentation Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92446

QEMU 'get_cmd()' Function Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90995

QEMU 'hw/scsi/esp.c' Multiple Remote Code Execution Vulnerabilities
2016-10-02
http://www.securityfocus.com/bid/91079

QEMU 'block/iscsi.c' Heap Based Buffer Overflow Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90948

QEMU CVE-2016-4454 Memory Corruption Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90927

QEMU CVE-2016-4441 Remote Code Execution Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90762

QEMU '/hw/net/net_tx_pkt.c' Integer Overflow Vulnerability
2016-10-02
http://www.securityfocus.com/bid/92556

QEMU CVE-2016-4439 Remote Code Execution Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90760

QEMU Out of Bounds Write Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90875

QEMU CVE-2016-4453 Infinite Loop Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90928

QEMU 'megasas_lookup_frame()' Function Out of Bounds Read Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/90874

QEMU 'ne2000.c' CVE-2016-2841 Denial of Service Vulnerability
2016-10-02
http://www.securityfocus.com/bid/84028

QEMU 'stellaris_enet_receive()' Function Remote Buffer Overflow Vulnerability
2016-10-02
http://www.securityfocus.com/bid/85976

SANS News

 

Threatpost

Report a Grim Reminder of State of Critical Infrastructure Security

Academics Put Another Dent in Online Anonymity

Exploit

Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege

30.9.2016

Bugtraq

Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)

[SYSS-2016-060] Logitech M520 - Insufficient Verification of Data Authenticity (CWE-345) 2016-09-30
matthias deeg syss de

Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability 2016-09-29
Mike Kienenberger (mkienenb gmail com)

Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
Tim Schughart (t schughart prosec-networks com)

[security bulletin] HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification 2016-09-29
security-alert hpe com

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28
Matteo Beccati (matteo beccati com)

Malware

Win32/Locky 

Phishing

 

Vulnerebility

Google Chrome Prior to 50.0.2661.102 Multiple Security Vulnerabilities
2016-09-30
http://www.securityfocus.com/bid/90584

Multiple NVIDIA Products CVE-2016-4959 Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/93256

QEMU CVE-2016-7422 Null Pointer Dereference Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92996

Multiple NVIDIA Products Local Privilege Escalation and Denial of Service Vulnerabilities
2016-09-30
http://www.securityfocus.com/bid/93251

QEMU 'hw/scsi/mptconfig.c' Multiple Local Denial of Service Vulnerabilities
2016-09-30
http://www.securityfocus.com/bid/92775

QEMU 'pvscsi_convert_sglist()' Function Local Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92774

Python Twisted CVE-2016-1000111 Security Bypass Vulnerability
2016-09-30
http://www.securityfocus.com/bid/91820

QEMU 'Transmit(tx) Queue' Processing Information Disclosure Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92444

QEMU File Handling Multiple Directory Traversal Vulnerabilities
2016-09-30
http://www.securityfocus.com/bid/92680

QEMU '/hw/net/net_tx_pkt.c' Packet Fragmentation Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92446

QEMU 'get_cmd()' Function Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90995

QEMU 'hw/scsi/esp.c' Multiple Remote Code Execution Vulnerabilities
2016-09-30
http://www.securityfocus.com/bid/91079

QEMU 'block/iscsi.c' Heap Based Buffer Overflow Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90948

QEMU CVE-2016-4454 Memory Corruption Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90927

QEMU CVE-2016-4441 Remote Code Execution Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90762

QEMU '/hw/net/net_tx_pkt.c' Integer Overflow Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92556

QEMU CVE-2016-4439 Remote Code Execution Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90760

QEMU Out of Bounds Write Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90875

QEMU CVE-2016-4453 Infinite Loop Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90928

QEMU 'megasas_lookup_frame()' Function Out of Bounds Read Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/90874

QEMU 'ne2000.c' CVE-2016-2841 Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/84028

QEMU 'stellaris_enet_receive()' Function Remote Buffer Overflow Vulnerability
2016-09-30
http://www.securityfocus.com/bid/85976

QEMU '/hw/net/mipsnet.c' Remote Buffer Overflow Vulnerability
2016-09-30
http://www.securityfocus.com/bid/85992

QEMU CVE-2016-4020 Information Disclosure Vulnerability
2016-09-30
http://www.securityfocus.com/bid/86067

phpMyAdmin CVE-2016-6630 Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92501

phpMyAdmin CVE-2016-6626 URL Redirect Protection Security Bypass Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92490

phpMyAdmin CVE-2016-6633 Remote Code Execution Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92500

phpMyAdmin CVE-2016-6631 Remote Code Execution Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92496

phpMyAdmin CVE-2016-6632 Denial of Service Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92497

phpMyAdmin CVE-2016-6629 Security Bypass Vulnerability
2016-09-30
http://www.securityfocus.com/bid/92493

SANS News

Another Day, Another Malicious Behaviour

Threatpost

Zerodium Triples its iOS 10 Bounty to $1.5 Million

Backdoored D-Link Router Should be Trashed, Researcher Says

Exploit

KeepNote 0.7.8 - Command Execution

Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege

29.9.2016

Bugtraq

Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
Tim Schughart (t schughart prosec-networks com)

[security bulletin] HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification 2016-09-29
security-alert hpe com

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28
Matteo Beccati (matteo beccati com)

Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
Pierre Kim (pierre kim sec gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 2016-09-27
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] bind (SSA:2016-271-01) 2016-09-27
Slackware Security Team (security slackware com)

Malware

Downloader.Quanader

Ransom.Nagini

Phishing

 

Vulnerebility

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2016-09-29
http://www.securityfocus.com/bid/89760

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-09-29
http://www.securityfocus.com/bid/89746

ImageMagick CVE-2014-9907 Multiple Denial of Service Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/93231

ImageMagick CVE-2016-7539 Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93232

VLC Media Player Unspecified Buffer Overflow Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93227

ImageMagick CVE-2016-7540 Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93228

KDE kdesu CVE-2016-7787 Command Execution Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93224

ImageMagick 'coders/viff.c' Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93226

ImageMagick CVE-2016-7536 Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93225

ClamAV CVE-2016-1371 Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93222

ImageMagick 'MagickCore/memory.c' Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93220

systemd 'manager_invoke_notify_message()' Function Local Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93223

ClamAV CVE-2016-1372 Multiple Denial of Service Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/93221

RETIRED: FFmpeg CVE-2016-6920 Heap Buffer Overflow Vulnerability
2016-09-29
http://www.securityfocus.com/bid/92790

Drupal Core Multiple Access Bypass and Cross Site Scripting Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/93101

FFmpeg CVE-2016-6920 Heap Buffer Overflow Vulnerability
2016-09-29
http://www.securityfocus.com/bid/92664

Red Hat JBoss BPMS CVE-2016-5398 HTML Injection Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93219

libgd 'gd_webp.c' Integer Overflow Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93184

HP Network Automation CVE-2016-4386 Local Security Bypass Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93218

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93188

MuJS Multiple Heap Based Buffer Overflow Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/93075

baserCMS Multiple HTML Injection and Cross Site Request Forgery Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/93217

ManageEngine ServiceDesk Plus CVE-2016-4890 Security Bypass Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93216

ManageEngine ServiceDesk Plus CVE-2016-4889 Privilage Escalation Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93215

ManageEngine ServiceDesk Plus CVE-2016-4888 HTML Injection Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93214

Apache Jackrabbit CVE-2016-6801 Cross-Site Request Forgery Vulnerability
2016-09-29
http://www.securityfocus.com/bid/92966

App Container docker2aci Directory Traversal Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93194

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-09-29
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-09-29
http://www.securityfocus.com/bid/92987

Microsoft Azure Active Directory Passport CVE-2016-7191 Authentication Bypass Vulnerability
2016-09-29
http://www.securityfocus.com/bid/93213

SANS News

SNMP Pwn3ge

Threatpost

Congressional Leaders Demand Answers on Yahoo Breach

ISC Patches Critical Error Condition in BIND

Microsoft Unveils Cloud-Based Fuzz-Testing Service

Vendetta Brothers Cyber Crooks Adopt Real World Tactics

Cisco Warns of Critical Flaw in Email Security Appliances

Exploit

VLC Media Player 2.2.1 - Buffer Overflow

KeepNote 0.7.8 - Remote Command Execution

28.9.2016

Bugtraq

Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28
Matteo Beccati (matteo beccati com)

Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
Pierre Kim (pierre kim sec gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 2016-09-27
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] bind (SSA:2016-271-01) 2016-09-27
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3680-1] bind9 security update 2016-09-27
Florian Weimer (fw deneb enyo de)

ESA-2016-127: EMC ViPR SRM Stored Cross-Site Scripting Vulnerability 2016-09-27
EMC Product Security Response Center (Security_Alert emc com)

[SECURITY] [DSA 3679-1] jackrabbit security update 2016-09-27
Florian Weimer (fw deneb enyo de)

Malware

BrowserModifier:Win32/Qiwmonk 
BrowserModifier:Win32/Qiwmonk!blnk 

MSIL/Spy.Agent.APY

Java/JSP.E

Win32/Runner.NCA

Python/SeaDuke.A

Win32/Spy.Delf.OZI

Phishing

 

Vulnerebility

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91068

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91067

IBM Spectrum Scale and IBM GPFS Local Command Execution Vulnerability
2016-09-28
http://www.securityfocus.com/bid/92408

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-09-28
http://www.securityfocus.com/bid/93188

libxml2 CVE-2015-8710 Out-of-bounds Memory Access Vulnerability
2016-09-28
http://www.securityfocus.com/bid/79811

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-09-28
http://www.securityfocus.com/bid/92037

QEMU CVE-2016-5403 Denial of Service Vulnerability
2016-09-28
http://www.securityfocus.com/bid/92148

Samba CVE-2016-2119 Man in the Middle Security Bypass Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91700

Apache Tomcat CVE-2015-5174 Directory Traversal Vulnerability
2016-09-28
http://www.securityfocus.com/bid/83329

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2016-09-28
http://www.securityfocus.com/bid/90856

libarchive 'archive_read_support_format_zip.c' Heap Buffer Overflow Vulnerability
2016-09-28
http://www.securityfocus.com/bid/89355

libarchive 'archive_read_extract.c' Information Disclosure Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91340

Oracle Fusion Middleware CVE-2016-3595 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91940

libarchive CVE-2015-8930 Denial of Service Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91339

Oracle Fusion Middleware CVE-2016-3596 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91942

Oracle Fusion Middleware CVE-2016-3593 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91908

Oracle Fusion Middleware CVE-2016-3594 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91939

Oracle Fusion Middleware CVE-2016-3592 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91937

Oracle Fusion Middleware CVE-2016-3583 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91934

Oracle Fusion Middleware CVE-2016-3590 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91935

Oracle Fusion Middleware CVE-2016-3591 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91936

Oracle Fusion Middleware CVE-2016-3582 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91933

Oracle Fusion Middleware CVE-2016-3580 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91929

Oracle Fusion Middleware CVE-2016-3577 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91924

QEMU CVE-2016-3710 Remote Code Execution Vulnerability
2016-09-28
http://www.securityfocus.com/bid/90316

Oracle Fusion Middleware CVE-2016-3574 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91914

Oracle Fusion Middleware CVE-2016-3579 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91927

Libarchive CVE-2015-8933 Local Denial of Service Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91421

Oracle Fusion Middleware CVE-2016-3581 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91931

Oracle Fusion Middleware CVE-2016-3576 Remote Security Vulnerability
2016-09-28
http://www.securityfocus.com/bid/91923

SANS News

Rig Exploit Kit from the Afraidgate Campaign

Threatpost

Signal Adds iPhone Access to Desktop App

Germany Orders Facebook to Stop Collecting Data on WhatsApp Users


Microsoft Edge Adds App Guard Browser Security

Exploit

Symantec Messaging Gateway 10.6.1 - Directory Traversal

Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)

Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)

FreePBX < 13.0.188 - Remote Command Execution (Metasploit)

NetMan 204 - Backdoor Account

TP-Link Archer CR-700 - Cross-Site Scripting

27.9.2016

Bugtraq

[SECURITY] [DSA 3679-1] jackrabbit security update 2016-09-27
Florian Weimer (fw deneb enyo de)

[security bulletin] HPSBHF03652 rev.1 - HPE iMC PLAT Network Products running Apache Commons FileUpload, Remote Denial of Service (DoS) 2016-09-26
security-alert hpe com

[security bulletin] HPSBHF03654 rev.1 - HPE iMC PLAT Network Products using SSL/TLS, Multiple Remote Vulnerabilities 2016-09-26
security-alert hpe com

[security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities 2016-09-26
security-alert hpe com

[SECURITY] [DSA 3678-1] python-django security update 2016-09-26
Florian Weimer (fw deneb enyo de)

[slackware-security] openssl (SSA:2016-270-01) 2016-09-26
Slackware Security Team (security slackware com)

[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS) 2016-09-26
security-alert hpe com

OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10) 2016-09-24
Ralf Spenneberg (info os-t de)

Malware

BrowserModifier:Win32/Qiwmonk 

Ransom.MarsJoke

Exp.CVE-2016-4282

Phishing

 

Vulnerebility

GNU Bash CVE-2016-7543 Local Command Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/93183

OpenSSL CVE-2016-2108 ASN.1 Encoder Remote Memory Corruption Vulnerability
2016-09-27
http://www.securityfocus.com/bid/89752

libxml2 'HTMLparser.c' Out of Bounds Read Denial of Service Vulnerability
2016-09-27
http://www.securityfocus.com/bid/85267

libxml2 CVE-2015-8806 Denial of Service Vulnerability
2016-09-27
http://www.securityfocus.com/bid/82071

Multiple IBM Products CVE-2013-0513 Local Privilege Escalation Vulnerability
2016-09-27
http://www.securityfocus.com/bid/58691

Oracle Java SE CVE-2016-3511 Local Security Vulnerability
2016-09-27
http://www.securityfocus.com/bid/91990

Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/91918

Django CVE-2016-7401 Cross Site Request Forgery Vulnerability
2016-09-27
http://www.securityfocus.com/bid/93182

ImageMagick 'coders/sgi.c' Remote Buffer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/93181

LibTIFF 'libtiff/tif_next.c' Memory Corruption Vulnerability
2016-09-27
http://www.securityfocus.com/bid/73438

LibTIFF CVE-2015-8668 Heap Buffer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/79696

LibTIFF CVE-2016-3990 Heap Buffer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/86000

LibTIFF CVE-2016-3945 Arbitrary Command Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/85960

LibTIFF 'tif_getimage.c' Out of Bounds Read Denial of Service Vulnerability
2016-09-27
http://www.securityfocus.com/bid/79718

Apache Xerces-C CVE-2016-0729 Buffer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/83423

libTIFF CVE-2016-5320 Remote Code Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/91195

LibTIFF '_TIFFVGetField()' Function Arbitrary Command Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/85953

LibTIFF 'tif_write.c' Denial of Service Vulnerability
2016-09-27
http://www.securityfocus.com/bid/72353

LibTIFF 'NeXTDecode()' Function Out of Bounds Write Memory Corruption Vulnerability
2016-09-27
http://www.securityfocus.com/bid/81696

LibTIFF 'tools/bmp2tiff.c' Out of Bounds Read Integer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/71789

LibTIFF CVE-2015-8665 Out Of Bounds Read Denial of Service Vulnerability
2016-09-27
http://www.securityfocus.com/bid/79728

LibTIFF 'tiffcrop.c' Heap Buffer Overflow Vulnerability
2016-09-27
http://www.securityfocus.com/bid/85996

LibTIFF CVE-2015-7554 Invalid Write Memory Corruption Vulnerability
2016-09-27
http://www.securityfocus.com/bid/79699

LibTIFF CVE-2014-9655 Multiple Memory Corruption Vulnerabilities
2016-09-27
http://www.securityfocus.com/bid/73441

LibTIFF Multiple Out of Bounds Memory Corruption Vulnerabilities
2016-09-27
http://www.securityfocus.com/bid/81730

LibTIFF CVE-2014-8127 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
2016-09-27
http://www.securityfocus.com/bid/72323

LibTIFF CVE-2014-8129 Out of Bounds Read and Write Multiple Remote Denial of Service Vulnerabilities
2016-09-27
http://www.securityfocus.com/bid/72352

IBM AIX CVE-2016-6038 Directory Traversal Vulnerability
2016-09-27
http://www.securityfocus.com/bid/93180

Adobe Digital Editions CVE-2016-6980 Unspecified Use After Free Remote Code Execution Vulnerability
2016-09-27
http://www.securityfocus.com/bid/93179

libssh2 CVE-2016-0787 Security Bypass Vulnerability
2016-09-27
http://www.securityfocus.com/bid/83389

SANS News

 

Threatpost

Questions Mount Around Yahoo Breach

Sofacy APT Targeting OS X Machines with Komplex Trojan

New Google Tools Help Devs Improve Content Security Policy Protection

Facebook Debuts Open Source Detection Tool for Windows


Signal Adds iPhone Access to Desktop App

Exploit

Joomla! Component Event Booking 2.10.1 - SQL Injection

Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)

Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive...

Macro Expert 4.0 - Multiple Privilege Escalations

Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation

MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation

Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation

NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation

26.9.2016

Bugtraq

[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS) 2016-09-26
security-alert hpe com

OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10) 2016-09-24
Ralf Spenneberg (info os-t de)

[slackware-security] php (SSA:2016-267-01) 2016-09-23
Slackware Security Team (security slackware com)

ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability 2016-09-23
EMC Product Security Response Center (Security_Alert emc com)

Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium 2016-09-22
cfpbrussels2017 recon cx

[SECURITY] [DSA 3674-1] firefox-esr security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3673-1] openssl security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Jamie R (jamie riden gmail com)

IE11 is not following CORS specification for local files 2016-09-22
Ricardo Iramar dos Santos (riramar gmail com)

Malware

TrojanDownloader:Win32/BitMiner 

Ransom:Win32/Mambretor.A 

Phishing

 

Vulnerebility

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-09-26
http://www.securityfocus.com/bid/91067

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/91453

IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92410

Libxml2 'xmlsave.c' Denial of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/90013

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93013

IBM WebSphere Application Server Liberty CVE-2016-3040 Open Redirect Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92986

IBM WebSphere Application Server Liberty Profile CVE-2016-3042 Cross Site Scripting Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92985

OpenSSH CVE-2016-1908 Security Bypass Vulnerability
2016-09-26
http://www.securityfocus.com/bid/84427

OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
2016-09-26
http://www.securityfocus.com/bid/84314

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2016-09-26
http://www.securityfocus.com/bid/76317

Mozilla Network Security Services Use After Free CVE-2016-1978 Remote Code Execution Vulnerability
2016-09-26
http://www.securityfocus.com/bid/84275

IBM WebSphere Application Server CVE-2016-0377 Information Disclosure Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92514

IBM Security Access Manager CVE-2016-3025 Security Bypass Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93178

OpenSSL CVE-2016-6309 Remote Code Execution Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93177

IBM Security Access Manager CVE-2016-3028 Remote Command Injection Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93176

Moodle CVE-2016-7038 Security Bypass Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93174

libstorage CVE-2016-5746 Insecure File Permissions Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93169

Red Hat Undertow CVE-2016-7046 Remote Denial of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93173

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93171

IBM Connections CVE-2016-3001 Unspecified Cross Site Scripting Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93172

Google Nexus CVE-2016-3857 Privilege Escalation Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92234

IBM WebSphere Application Server CVE-2016-0385 Security Bypass Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92505

IBM WebSphere Application Server CVE-2016-2960 Denial of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/92354

IBM WebSphere Application Server Liberty CVE-2016-0378 Information Disclosure Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93143

IBM Connections CVE-2016-3000 Denial of Service Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93166

libarchive CVE-2016-5418 Arbitrary File Write Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93165

IBM Connections CVE-2016-3007 Cross Site Request Forgery Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93168

IBM Connections CVE-2016-3006 Unspecified Cross Site Scripting Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93167

Atlassian HipChat Plugin CVE-2016-6668 Information Disclosure Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93159

IBM Connections CVE-2016-3003 Unspecified Cross Site Scripting Vulnerability
2016-09-26
http://www.securityfocus.com/bid/93161

SANS News

Defining Threat Intelligence Requirements

VBA and P-code

Threatpost

MarsJoke Ransomware Targets .EDU, .GOV Agencies

Hancitor Downloader Abusing APIs, PowerShell Commands

Exploit

 

25.9.2016

Bugtraq

Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium 2016-09-22
cfpbrussels2017 recon cx

[SECURITY] [DSA 3674-1] firefox-esr security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3673-1] openssl security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Jamie R (jamie riden gmail com)

IE11 is not following CORS specification for local files 2016-09-22
Ricardo Iramar dos Santos (riramar gmail com)

[slackware-security] irssi (SSA:2016-265-03) 2016-09-21
Slackware Security Team (security slackware com)

[security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21
security-alert hpe com

Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21
Larry W. Cashdollar (larry0 me com)

[security bulletin] HPSBGN03645 rev.2 - HPE Helion OpenStack Glance, Remote Access Restriction Bypass, Unauthorized Access 2016-09-21
security-alert hpe com

[slackware-security] pidgin (SSA:2016-265-01) 2016-09-21
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3672-1] irssi security update 2016-09-21
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Ransom:Win32/Tovicrypt.A 

W32.Oldigork

Phishing

 

Vulnerebility

Geeklog IVYWE CVE-2016-4875 Multiple Cross Site Scripting Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93123

ImageMagick CVE-2016-7513 Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93121

Exponent CMS Arbitrary Code Execution and File Upload Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93119

Google Chrome Logic Error Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93113

ImageMagick 'coders/psd.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93122

ImageMagick 'coders/rle.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93120

Cisco Email Security Appliance CVE-2016-6406 Privilege Escalation Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93116

VLAN VLC 'mp4.c' Divide-By-Zero Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93118

Google Chrome Protocol Handler Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93117

Siemens Scalance M-800 / S615 CVE-2016-7090 Information Disclosure Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93115

Red Hat Enterprise Linux CVE-2016-3699 Local Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93114

ipywidgets Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93112

PHP 'ext/spl/spl_array.c' Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/91401

PHP unserialize() Function Type Confusion Security Vulnerability
2016-09-23
http://www.securityfocus.com/bid/68237

PHP CVE-2015-0231 Incomplete Fix Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/72539

PHP 'ext/zip/php_zip.c' Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/91397

PHP CVE-2015-6834 Multiple Remote Code Execution Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/76649

PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/71791

OpenJPEG Multiple Security Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93111

Mozilla Firefox Multiple Security Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93049

Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/77283

Network Time Protocol CVE-2015-7705 Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/77284

Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/77280

Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/77287

HP Network Automation Java Deserialization CVE-2016-4385 Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93109

Kerio Control Prior to 9.1.3 Multiple Security Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93110

Multiple EMC Products CVE-2016-0918 Information Disclosure Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93108

Joomla! Huge-IT Video Gallery Extension CVE-2016-1000123 SQL Injection Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93107

OpenStack Glance CVE-2016-4383 Remote Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93106

Fatek Automation PM Designer Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93105

SANS News

The era of big DDOS?

.PUB Analysis

Threatpost

Drupal Patches Three Vulnerabilities in Core Engine

Researchers Find ‘Severe’ Password Security Hole with iOS 10 Backups

Exploit

Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation

Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege...

Adobe Flash - Crash When Freeing Memory After AVC decoding

Adobe Flash - Video Decompression Memory Corruption

Linux - SELinux W+X Protection Bypass via AIO

23.9.2016

Bugtraq

ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability 2016-09-23
EMC Product Security Response Center (Security_Alert emc com)

Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium 2016-09-22
cfpbrussels2017 recon cx

[SECURITY] [DSA 3674-1] firefox-esr security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3673-1] openssl security update 2016-09-22
Moritz Muehlenhoff (jmm debian org)

Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Jamie R (jamie riden gmail com)

IE11 is not following CORS specification for local files 2016-09-22
Ricardo Iramar dos Santos (riramar gmail com)

[slackware-security] irssi (SSA:2016-265-03) 2016-09-21
Slackware Security Team (security slackware com)

[security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21
security-alert hpe com

Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21
Larry W. Cashdollar (larry0 me com)

[security bulletin] HPSBGN03645 rev.2 - HPE Helion OpenStack Glance, Remote Access Restriction Bypass, Unauthorized Access 2016-09-21
security-alert hpe com

Malware

Ransom:Win32/Tovicrypt.A 

W32.Oldigork

Phishing

 

Vulnerebility

IBM Tealeaf Customer Experience CVE-2016-5976 Information Disclosure Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93134

ImageMagick Multiple Heap Overflow Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93131

IBM Security Guardium CVE-2016-0248 Man in the Middle Information Disclosure Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93137

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/58073

ImageMagick 'viff.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93129

ImageMagick 'coders/sun.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93130

ImageMagick 'coders/pict.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93128

MuPDF 'pdf-object.c' Use After Free Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93127

Cisco IOS and Cisco IOS XE Software CVE-2014-2146 Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93126

ImageMagick CVE-2015-8957 Remote Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93125

ImageMagick 'coders/sun.c' Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93124

Geeklog IVYWE CVE-2016-4875 Multiple Cross Site Scripting Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93123

ImageMagick CVE-2016-7513 Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93121

Exponent CMS Arbitrary Code Execution and File Upload Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93119

Google Chrome Logic Error Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93113

ImageMagick 'coders/psd.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93122

ImageMagick 'coders/rle.c' Heap Buffer Overflow Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93120

Cisco Email Security Appliance CVE-2016-6406 Privilege Escalation Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93116

VLAN VLC 'mp4.c' Divide-By-Zero Denial of Service Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93118

Google Chrome Protocol Handler Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93117

Siemens Scalance M-800 / S615 CVE-2016-7090 Information Disclosure Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93115

Red Hat Enterprise Linux CVE-2016-3699 Local Security Bypass Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93114

ipywidgets Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/93112

PHP 'ext/spl/spl_array.c' Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/91401

PHP unserialize() Function Type Confusion Security Vulnerability
2016-09-23
http://www.securityfocus.com/bid/68237

PHP CVE-2015-0231 Incomplete Fix Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/72539

PHP 'ext/zip/php_zip.c' Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/91397

PHP CVE-2015-6834 Multiple Remote Code Execution Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/76649

PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2016-09-23
http://www.securityfocus.com/bid/71791

OpenJPEG Multiple Security Vulnerabilities
2016-09-23
http://www.securityfocus.com/bid/93111

SANS News

The era of big DDOS?

Threatpost

Drupal Patches Three Vulnerabilities in Core Engine

Researchers Find ‘Severe’ Password Security Hole with iOS 10 Backups

Exploit

Matrimonial Website Script 1.0.2 - SQL Injection

Kerio Control Unified Threat Management 9.1.0 build 1087, 9.1.1 build 1324 -...

Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection

JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal

22.9.2016

Bugtraq

Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Jamie R (jamie riden gmail com)

IE11 is not following CORS specification for local files 2016-09-22
Ricardo Iramar dos Santos (riramar gmail com)

[slackware-security] irssi (SSA:2016-265-03) 2016-09-21
Slackware Security Team (security slackware com)

[security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21
security-alert hpe com

Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21
Larry W. Cashdollar (larry0 me com)

[security bulletin] HPSBGN03645 rev.2 - HPE Helion OpenStack Glance, Remote Access Restriction Bypass, Unauthorized Access 2016-09-21
security-alert hpe com

[slackware-security] pidgin (SSA:2016-265-01) 2016-09-21
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3672-1] irssi security update 2016-09-21
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

APPLE-SA-2016-09-20-6 tvOS 10 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

Malware

W32.Oldigork

Phishing

 

Vulnerebility

PHP 'ext/spl/spl_array.c' Use After Free Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/91401

PHP unserialize() Function Type Confusion Security Vulnerability
2016-09-22
http://www.securityfocus.com/bid/68237

PHP CVE-2015-0231 Incomplete Fix Use After Free Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/72539

PHP 'ext/zip/php_zip.c' Use After Free Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/91397

PHP CVE-2015-6834 Multiple Remote Code Execution Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/76649

PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/71791

OpenJPEG Multiple Security Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/93111

Mozilla Firefox Multiple Security Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/93049

Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/77283

Network Time Protocol CVE-2015-7705 Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/77284

Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/77280

Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2016-09-22
http://www.securityfocus.com/bid/77287

HP Network Automation Java Deserialization CVE-2016-4385 Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93109

Kerio Control Prior to 9.1.3 Multiple Security Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/93110

Multiple EMC Products CVE-2016-0918 Information Disclosure Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93108

Joomla! Huge-IT Video Gallery Extension CVE-2016-1000123 SQL Injection Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93107

OpenStack Glance CVE-2016-4383 Remote Security Bypass Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93106

Fatek Automation PM Designer Remote Code Execution Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93105

WordPress W3 Total Cache Plugin 'admin.php' Cross Site Scripting Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93104

Irssi Heap Buffer Overflow and Denial of Service Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/93103

JCraft JSch CVE-2016-5725 Directory Traversal Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93100

Libav 'libavcodec/aacsbr.c' Divide-By-Zero Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93102

Drupal Core Multiple Access Bypass and Cross Site Scripting Vulnerabilities
2016-09-22
http://www.securityfocus.com/bid/93101

OpenStack Nova Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93068

Libav 'ff_put_pixels8_xy2_mmx()' Function NULL Pointer Dereference Denial of Service Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93042

Multiple IBM Products CVE-2016-5947 Clickjacking Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93085

Multiple IBM Products CVE-2016-5945 Arbitrary File Upload Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93082

Multiple IBM Products CVE-2016-5944 Cross Site Scripting Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93087

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93098

Cisco Application Policy Infrastructure Controller Local Privilege Escalation Vulnerability
2016-09-22
http://www.securityfocus.com/bid/93089

SANS News

Those never-ending waves of Locky malspam

OpenSSL Update Released

Threatpost

iSpy Keylogger Targets Passwords, Skype, Webcams

SWIFT Confirms Banks Still Being Targeted, Announces Mitigation Tool

Malware Evades Detection with Novel Technique

DHS Announces Intent to Draft IoT Security Framework

Cisco Warns of Command Injection Flaw in Cloud Platform

Exploit

Exponent CMS 2.3.9 - Blind SQL Injection

Microix Timesheet Module - SQL Injection

AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation

Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)

21.9.2016

Bugtraq

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability 2016-09-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

APPLE-SA-2016-09-20-6 tvOS 10 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-09-20-5 watchOS 3 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-09-20-4 macOS Server 5.2 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-09-20-3 iOS 10 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2016-09-20-2 Safari 10 2016-09-20
Apple Product Security (product-security-noreply lists apple com)

ESA-2016-093: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability 2016-09-20
EMC Product Security Response Center (Security_Alert emc com)

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2016-09-19
EMC Product Security Response Center (Security_Alert emc com)

ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities 2016-09-19
EMC Product Security Response Center (Security_Alert emc com)

Call for Papers - WorldCIST'17 - 5th World Conference on Information Systems and Technologies (Published by Springer) 2016-09-18
ML (marialemos72 gmail com)

[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16
Flavio Junqueira (fpj apache org)

[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16
Flavio Junqueira (fpj apache org)

Malware

 

Phishing

 

Vulnerebility

file 'readelf.c' Out-of-Bounds Read Vulnerability
2016-09-21
http://www.securityfocus.com/bid/72516

IBM WebSphere Application Server Liberty CVE-2016-3040 Open Redirect Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92986

file CVE-2014-8117 Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/71692

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
2016-09-21
http://www.securityfocus.com/bid/70807

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/69325

file CVE-2014-8116 Multiple Denial of Service Vulnerabilities
2016-09-21
http://www.securityfocus.com/bid/71700

file 'src/readelf.c' Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/71715

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/68348

Apache Standard Taglibs CVE-2015-0254 XML External Entity Injection Vulnerability
2016-09-21
http://www.securityfocus.com/bid/72809

Multiple Rockwell Automation RSLogix Products CVE-2016-5814 Local Buffer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92983

PCRE CVE-2016-3191 Buffer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/84810

PCRE 'compile_regex()' Function Heap Buffer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/74934

PCRE CVE-2016-1283 Heap Buffer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/79825

PCRE 'pcre_jit_compile.c' Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/85570

PCRE 'compile_regex()' Function Stack Buffer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/74924

Adobe Flash Player APSB16-29 Multiple Unspecified Memory Corruption Vulnerabilities
2016-09-21
http://www.securityfocus.com/bid/92930

libvirt CVE-2015-5313 Local Directory Traversal Vulnerability
2016-09-21
http://www.securityfocus.com/bid/90913

libvirt CVE-2016-5008 Local Security Bypass Vulnerability
2016-09-21
http://www.securityfocus.com/bid/91562

Adobe Flash Player APSB16-29 Multiple Use After Free Remote Code Execution Vulnerabilities
2016-09-21
http://www.securityfocus.com/bid/92927

Microsoft Edge CVE-2016-3377 Scripting Engine Remote Memory Corruption Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92797

Microsoft Internet Explorer and Edge CVE-2016-3247 Remote Memory Corruption Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92828

GraphicsMagick Multiple Security Vulnerabilities
2016-09-21
http://www.securityfocus.com/bid/83241

Oracle Java SE CVE-2016-3511 Local Security Vulnerability
2016-09-21
http://www.securityfocus.com/bid/91990

PHP 'ext/spl/spl_array.c' Use After Free Remote Code Execution Vulnerability
2016-09-21
http://www.securityfocus.com/bid/91401

Mozilla Firefox Multiple Security Vulnerabilities
2016-09-21
http://www.securityfocus.com/bid/92260

PHP 'zip_stream.c' Integer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92099

PHP CVE-2016-6294 Local Information Disclosure Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92115

PHP 'session.c' Use After Free Remote Code Execution Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92097

PHP 'exif.c' NULL Pointer Dereference Denial of Service Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92078

PHP 'zend_virtual_cwd.c' Integer Overflow Vulnerability
2016-09-21
http://www.securityfocus.com/bid/92074

SANS News

Those never-ending waves of Locky malspam

Windows Events log for IR/Forensics ,Part 2

Threatpost

Mamba Ransomware Encrypts Hard Drives Rather Than Files

Apple Squashes 68 Security Bugs With Sierra Release

Mozilla Patches Certificate Pinning Vulnerability in Firefox


RIG Picks Up Where Neutrino Left Off, Pushes CrypMIC Ransomware

Exploit

Microsoft Office PowerPoint 2010 - Invalid Pointer Reference

Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read /...

Dolphin 7.3.0 - Error-Based SQL Injection

VegaDNS 0.13.2 - Remote Command Injection

Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)

20.9.2016

Bugtraq

ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2016-09-19
EMC Product Security Response Center (Security_Alert emc com)

ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities 2016-09-19
EMC Product Security Response Center (Security_Alert emc com)

Call for Papers - WorldCIST'17 - 5th World Conference on Information Systems and Technologies (Published by Springer) 2016-09-18
ML (marialemos72 gmail com)

Malware

Win32/Spy.Agent.OWY

Backdoor.Batel

Win32/Spy.Agent.OWY

Phishing

 

Vulnerebility

Expat CVE-2016-4472 Incomplete Fix Remote Code Execution Vulnerability
2016-09-20
http://www.securityfocus.com/bid/91528

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2016-09-20
http://www.securityfocus.com/bid/91068

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/90864

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2016-09-20
http://www.securityfocus.com/bid/89854

NTP 'ntpd/ntp_config.c' Remote Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/76474

EMC RSA Adaptive Authentication CVE-2016-0925 HTML Injection Vulnerability
2016-09-20
http://www.securityfocus.com/bid/93025

Money Forward Apps for Android CVE-2016-4839 Security Vulnerability
2016-09-20
http://www.securityfocus.com/bid/93035

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-09-20
http://www.securityfocus.com/bid/91067

OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2016-09-20
http://www.securityfocus.com/bid/75525

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2016-09-20
http://www.securityfocus.com/bid/76317

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/84992

NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/77274

Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
2016-09-20
http://www.securityfocus.com/bid/77288

NTP CVE-2015-7701 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/77281

NTP CVE-2016-2518 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/88226

NTP Multiple Arbitrary File Overwrite Vulnerabilities
2016-09-20
http://www.securityfocus.com/bid/77278

NTP CVE-2016-1550 Local Security Bypass Vulnerability
2016-09-20
http://www.securityfocus.com/bid/88261

NTP CVE-2016-1548 Security Bypass Vulnerability
2016-09-20
http://www.securityfocus.com/bid/88264

NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/77286

NTP CVE-2015-5219 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/76473

NTP CVE-2016-1547 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/88276

NTP CVE-2015-7977 NULL Pointer Dereference Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/81815

NTP CVE-2015-5194 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/76475

NTP CVE-2015-7978 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/81962

NTP CVE-2015-7979 Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/81816

NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
2016-09-20
http://www.securityfocus.com/bid/77285

Microsoft Internet Explorer and Edge CVE-2016-3295 Remote Memory Corruption Vulnerability
2016-09-20
http://www.securityfocus.com/bid/92830

Microsoft Internet Explorer CVE-2016-3292 Remote Privilege Escalation Vulnerability
2016-09-20
http://www.securityfocus.com/bid/92808

Microsoft Edge CVE-2016-3294 Remote Memory Corruption Vulnerability
2016-09-20
http://www.securityfocus.com/bid/92789

Microsoft Office CVE-2016-3365 Memory Corruption Vulnerability
2016-09-20
http://www.securityfocus.com/bid/92804

SANS News

 

Threatpost

Spyware Targeting Overseas Travelers Removed from Google Play

Facebook Fixes Vulnerability That Led to Account Takeover, Pays Researcher $16K

Mozilla Patching Firefox Certificate Pinning Vulnerability

Android Banking Trojan First to Gain Root Privileges

Exploit

ZineBasic 1.1 - Arbitrary File Disclosure

MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities

MyBB 1.8.6 - SQL Injection

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

Docker Daemon - Privilege Escalation (Metasploit)

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions

VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow

19.9.2016

Bugtraq

Call for Papers - WorldCIST'17 - 5th World Conference on Information Systems and Technologies (Published by Springer) 2016-09-18
ML (marialemos72 gmail com)

[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16
Flavio Junqueira (fpj apache org)

[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16
Flavio Junqueira (fpj apache org)

Malware

 

Phishing

 

Vulnerebility

Huawei AR Routers Multiple Information Disclosure Vulnerabilities
2016-09-19
http://www.securityfocus.com/bid/76897

Multiple Huawei USG Products Buffer Overflow Vulnerability
2016-09-19
http://www.securityfocus.com/bid/92962

Adobe Acrobat and Reader CVE-2016-6937 Unspecified Memory Corruption Vulnerability
2016-09-19
http://www.securityfocus.com/bid/93014

Multiple IBM DB2 Products CVE-2016-5995 Local Privilege Escalation Vulnerability
2016-09-19
http://www.securityfocus.com/bid/93012

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-09-19
http://www.securityfocus.com/bid/93011

Huawei AnyOffice Remote Denial of Service Vulnerability
2016-09-19
http://www.securityfocus.com/bid/93010

Trend Micro Smart Protection Server Multiple Security Vulnerabilities
2016-09-16
http://www.securityfocus.com/bid/92778

Splunk Web Unspecified Open Redirection Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92603

Splunk Web Unspecified Cross Site Scripting Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92184
 

SANS News

Does it Matter If You Cover Your Webcam?

Windows Events log for IR/Forensics ,Part 1

Threatpost

Cisco Warns of IOS Flaw Vulnerable to ShadowBrokers Attack

Exploit

Kajona 4.7 - Cross-Site Scripting / Directory Traversal

WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure

Docker Daemon - Privilege Escalation (Metasploit)

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow

PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow

18.9.2016

Bugtraq

[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16
Flavio Junqueira (fpj apache org)

[slackware-security] curl (SSA:2016-259-01) 2016-09-16
Slackware Security Team (security slackware com)

Malware

Ransom.HDDCryptor

Phishing

 

Vulnerebility

Trend Micro Smart Protection Server Multiple Security Vulnerabilities
2016-09-16
http://www.securityfocus.com/bid/92778

Splunk Web Unspecified Open Redirection Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92603

Splunk Web Unspecified Cross Site Scripting Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92184

Splunk Web Unspecified Open Redirection Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92183

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-09-16
http://www.securityfocus.com/bid/91453

libssh2 CVE-2016-0787 Security Bypass Vulnerability
2016-09-16
http://www.securityfocus.com/bid/83389

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92630

Oracle Java SE CVE-2016-3426 Remote Security Vulnerability
2016-09-16
http://www.securityfocus.com/bid/86449

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2016-09-16
http://www.securityfocus.com/bid/91068

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-09-16
http://www.securityfocus.com/bid/91067

RETIRED: Apple iOS CVE-2016-4655 Local Information Disclosure Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92965

Apple iOS CVE-2016-4655 Information Disclosure Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92651

GNOME glib Multiple Out of Bounds Denial of Service Vulnerabilities
2016-09-16
http://www.securityfocus.com/bid/93002

OpenStack manila CVE-2016-6519 HTML Injection Vulnerability
2016-09-16
http://www.securityfocus.com/bid/93001

GNU Bash CVE-2016-0634 Local Code Execution Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92999

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92998

QEMU CVE-2016-7423 Denial of Service Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92997

QEMU CVE-2016-7422 Null Pointer Dereference Denial of Service Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92996

EMC RSA BSAFE Micro Edition Suite Security Weakness and Information Disclosure Vulnerabilities
2016-09-16
http://www.securityfocus.com/bid/92994

Splunk Enterprise and Splunk Lite CVE-2016-4856 HTML Injection Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92990

Crypto++ CVE-2016-7420 Information Disclosure Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92988

IBM WebSphere Application Server Liberty Profile CVE-2016-3042 Cross Site Scripting Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92985

ABB DataManagerPro CVE-2016-4526 DLL Loading Local Code Execution Vulnerability
2016-09-16
http://www.securityfocus.com/bid/92980

IBM WebSphere Application Server Liberty Profile CVE-2016-2923 Information Disclosure Vulnerability
2016-09-15
http://www.securityfocus.com/bid/91518

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2016-09-15
http://www.securityfocus.com/bid/89760

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-09-15
http://www.securityfocus.com/bid/89746

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-09-15
http://www.securityfocus.com/bid/91816

NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
2016-09-15
http://www.securityfocus.com/bid/77286

NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
2016-09-15
http://www.securityfocus.com/bid/77285

NTP Multiple Arbitrary File Overwrite Vulnerabilities
2016-09-15
http://www.securityfocus.com/bid/77278

SANS News

Multiple Cisco Products affected by IKEv1 Vulnerability

Threatpost

FBI Encouraging Ransomware Victims To Report Infections
Snowden Slammed in House Committee Report

Exploit

Cisco ASA 9.2(3) - 'EXTRABACON' Authentication Bypass

AnoBBS 1.0.1 - Remote File Inclusion

Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)

16.9.2016

Bugtraq

[slackware-security] curl (SSA:2016-259-01) 2016-09-16
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3669-1] tomcat7 security update 2016-09-15
Moritz Muehlenhoff (jmm debian org)

ESA-2016-094: RSA BSAFE® Micro Edition Suite Multiple Vulnerabilities 2016-09-15
EMC Product Security Response Center (Security_Alert emc com)

Cisco EPC 3925 Multiple Vulnerabilities 2016-09-15
msg patrykbogdan com

Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936] 2016-09-14
research nightwatchcybersecurity com

APPLE-SA-2016-09-14-1 iOS 10.0.1 2016-09-14
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3666-1] mysql-5.5 security update 2016-09-14
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBST03640 rev.1 - HP XP7 Command View Advance Edition Suite (CVAE) using Replication Manager (RepMgr) and Device Manager (DevMgr), Local Access Restriction Bypass 2016-09-13
security-alert hpe com

Malware

 

Phishing

 

Vulnerebility

IBM WebSphere Application Server Liberty Profile CVE-2016-2923 Information Disclosure Vulnerability
2016-09-15
http://www.securityfocus.com/bid/91518

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2016-09-15
http://www.securityfocus.com/bid/89760

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability