Database Hot News 2016 November


30.11.2016

Bugtraq

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30
RedTeam Pentesting GmbH (release redteam-pentesting de)

XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)

Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

Trojan.Sponkirob

Phishing

noreply@amazon.com

30th November 2016

Important message please read

James B. Comey

29th November 2016

Executive Director FBI

Apple

29th November 2016

About your transaction
#5748573

IAPPIE.LD

29th November 2016

Account Suspended

Vulnerability

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-11-30
http://www.securityfocus.com/bid/73684

Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94588

Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94584

Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94586

Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94585

Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94587

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94335

JasPer CVE-2016-8654 Multiple Remote Heap Buffer Overflow Vulnerabilities
2016-11-30
http://www.securityfocus.com/bid/94583

IBM FileNet Workplace XT CVE-2016-8921 Unspecified Arbitrary File Upload Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94582

Xen XSA-201 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94581

Zurb Foundation tooltip Plugin 'foundation.tooltip.js' Cross Site Scripting Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94580

Neovim CVE-2016-1248 Command Execution Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94478

Multiple Micro Focus Products CVE-2016-5765 Directory Traversal Vulnerability
2016-11-30
http://www.securityfocus.com/bid/94579

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93965

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93962

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93964

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93844

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93474

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93957

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93842

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93956

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93955

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93473

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93469

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92904

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7421 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/92998

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93141

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-30
http://www.securityfocus.com/bid/93275

SANS News

Unpatched Vulnerability in Firefox used to Attack Tor Browser

Take Back Wednesday? SQL Slammer... still alive but barely kicking

Threatpost

New Mirai Variant Targets Routers, Knocks 900,000 Offline

NetWire RAT Back, Stealing Payment Card Data

New Cerber Variant Leverages Tor2Web Proxies, Google Redirects

Exploit

WinPower 4.9.0.4 - Privilege Escalation

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege...

29.11.2016

Bugtraq

XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)

Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)

Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx

WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)

Malware

Ransom.YeeScrLocker

Linux.Gafgyt.B

Phishing

IAPPIE.LD

29th November 2016

Account Suspended

Service Info

29th November 2016

UPDATE

noreply@amazon.com

29th November 2016

Important message please read

Vulnerability

OpenSSL Padding Oracle Incomplete Fix Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/89760

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/89746

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93623

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93621

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93643

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93628

DBD::mysql CVE-2016-1251 Use After Free Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94573

Expat CVE-2016-0718 Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/90729

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91159

Mozilla Firefox and Thunderbird MFSA 2015-48 through -58 Multiple Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/74611

Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/75973

Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/52379

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93150

Apple iOS/macOS/tvOS/watchOS CVE-2016-4688 Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94572

Apple macOS CVE-2016-7584 Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94571

iCloud Setup for Windows CVE-2016-7583 Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94570

Mozilla Firefox CVE-2016-9078 URL Redirection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94569

Red Hat JBoss BRMS and BPM Suite CVE-2016-8608 Incomplete Fix HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94568

Drools CVE-2016-7041 Directory Traversal Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94566

WordPress Dukapress Plugin 'dukapress/download.php' SQL Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94567

WordPress Image Gallery Plugin HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94565

WordPress simple-image-manipulator Plugin 'download.php' Arbitrary File Download Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94563

Guidance Software EnCase Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94564

Core FTP Client Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94562

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94499

metapixel 'rwgif.c' Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94466

IBM BigFix Remote Control CVE-2016-2927 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94561

IBM BigFix Remote Control CVE-2016-2929 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94560

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-11-29
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-11-29
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93037

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-29
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-29
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-29
http://www.securityfocus.com/bid/91704

SANS News

Port 7547 SOAP Remote Code Execution Attack Against DSL Modems

TR-069 NewNTPServer Exploits: What we know so far

Threatpost

PayPal Fixes OAuth Token Leaking Vulnerability

Exploit

Android - 'BadKernel' Remote Code Execution

Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type...

Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free ...

Microsoft Internet Explorer 11 MSHTML -...

Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Ou...

NTP 4.2.8p3 - Denial of Service

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege...

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege...

Red Hat JBoss EAP - Deserialization of Untrusted Data

Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting

28.11.2016

Bugtraq

SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)

Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx

WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)

CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
Apache OpenOffice Security (orcmid apache org)

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

Malware

HackTool:Win32/AutoKMS!rfn

Phishing

 

Vulnerability

WebKit CVE-2016-9642 Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94554

WebKit CVE-2016-9643 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94559

Multiple IBM Products CVE-2016-0284 XML External Entity Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94555

IBM iNotes CVE-2016-0282 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94558

IBM BigFix Remote Control CVE-2016-2928 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94556

Multiple IBM Products CVE-2016-0273 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94557

Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94550

Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94547

Siemens SICAM PAS Products CVE-2016-8566 Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94552

Siemens SICAM PAS Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94549

SaltStack Salt CVE-2016-9639 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94553

InPage '.inp' File Parser Remote Code Execution Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94548

Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93544

Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91540

Linux Kernel SCSI arcmsr Driver CVE-2016-7425 Local Heap Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93037

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92452

Linux Kernel Local Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92659

Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/91704

Google Android Multiple Kernel Components Multiple Information Disclosure Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/93326

Linux Kernel CVE-2016-6327 Null Pointer Dereference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92549

Linux Kernel CVE-2016-6480 Local Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92214

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93541

Linux Kernel CVE-2016-9313 Null Pointer Dereference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94546

Linux Kernel CVE-2016-9644 Local Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94545

ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92127

ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93598

ImageMagick CVE-2016-7906 Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93271

ImageMagick 'MagickCore/profile.c' Memory Corruption Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93264

RedHat Jboss Fuse and Jboss A-MQ CVE-2016-8653 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94544

International Components for Unicode CVE-2016-7415 Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93022

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94520

Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/77164

Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2016-11-28
http://www.securityfocus.com/bid/75861

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93562

Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/92452

Linux Kernel CVE-2016-8650 Null Pointer Dereference Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-28
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-28
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-28
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-28
http://www.securityfocus.com/bid/94394

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-28
http://www.securityfocus.com/bid/94471

SANS News

Port 7547 SOAP Remote Code Execution Attack Against DSL Modems

Scapy vs. CozyDuke

Threatpost

Exploit

Disk Pulse Enterprise 9.1.16 - Buffer Overflow

Disk Savvy Enterprise 9.1.14 - Buffer Overflow

Dup Scout Enterprise 9.1.14 - Buffer Overflow

Disk Sorter Enterprise 9.1.12 - Buffer Overflow

Sync Breeze Enterprise 9.1.16 - Buffer Overflow

VX Search Enterprise 9.1.12 - Buffer Overflow

27.11.2016

Bugtraq

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

Malware

Phishing

Apple

27th November 2016

[Norton Anti]Please Review
Your Account Informations

Virgin Media

26th November 2016

AN UPDATE FROM VIRGIN MEDIA

Support

26th November 2016

[PAYPAL] PLEASE CONFIRM YOUR
INFORMATIONS

Vulnerability

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Dereference Local Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-27
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-27
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-27
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-27
http://www.securityfocus.com/bid/94471

IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94543

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94499

Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94539

Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94542

Multiple IBM Rational Products CVE-2016-0372 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94541

Multiple Huawei Secospace Products CVE-2016-8802 Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94538

Simple Keitai Chat CVE-2016-7817 Cross Site Scripting and HTML Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94537

phpMyAdmin PMASA-2016-69 Multiple SQL Injection Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94533

Linux Kernel CVE-2016-8650 Null Pointer Dereference Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94532

phpMyAdmin PMASA-2016-71 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94536

Multiple Huawei Products CVE-2016-8768 Local Privilege Escalation
2016-11-26
http://www.securityfocus.com/bid/93885

phpMyAdmin PMASA-2016-66 Remote Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94535

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-26
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-26
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-26
http://www.securityfocus.com/bid/94471

SANS News

Threatpost

Exploit

Linux/x86 - Egg-hunter Shellcode (25 bytes)

Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)

25.11.2016

Bugtraq

Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)

[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)

WorldCIST'17 - Submission deadline: November 27 2016-11-24
ML (marialemos72 gmail com)

Malware

Phishing

Apple

25th November 2016

Your Apple ID was used to sign
in to iMessage on an iPhone 6.

info

24th November 2016

PAYPAL - VERIFICATION REQUIRED

Tesco Credit Card Services

23rd November 2016

Your Account

NatWest

23rd November 2016

New online login
authentication procedures

Vulnerability

2016-11-25
http://www.securityfocus.com/bid/93885

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93153

phpMyAdmin PMASA-2016-62 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94534

Multiple Cisco Products CVE-2016-1409 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/90872

phpMyAdmin PMASA-2016-64 Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94530

phpMyAdmin 'BBCode' Code Injection Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94528

phpMyAdmin PMASA-2016-61 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94529

phpMyAdmin PMASA-2016-65 Multiple Denial of Service Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94525

phpMyAdmin PMASA-2016-70 Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94531

phpMyAdmin Multiple Full Path Information Disclosure Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94527

phpMyAdmin Table Partitioning Function PMASA-2016-68 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94526

phpMyAdmin PMASA-2016-58 Insecure Key Generation Security Weakness
2016-11-25
http://www.securityfocus.com/bid/94524

PHP libicu 'locale_get_display_name()' Stack Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/68549

Multiple Huawei Products Local Multiple Security Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94509

phpMyAdmin PMASA-2016-59 Remote Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94523

phpMyAdmin PMASA-2016-60 Remote Multiple Security Bypass Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94521

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94394

ICU 'uloc_getDisplayName()' Function Stack Based Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94520

Xen CVE-2016-9386 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94471

Xen CVE-2016-9382 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94470

Xen CVE-2016-9383 Memory Corruption Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94474

Xen CVE-2016-9385 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94472

Xen CVE-2016-9381 Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94476

Xen PyGrub Multiple Privilege Escalation Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94473

phpMyAdmin CVE-2016-4412 Open Redirection Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94519

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94499

IBM FileNet Workplace CVE-2016-5981 Unspecified Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94517

IBM Jazz Foundation CVE-2016-2947 Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94518

IBM Tealeaf Customer Experience Server Side Request Forgery Security Bypass Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94516

IBM Sterling Connect:Direct CVE-2016-5991 Local Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94515

IBM Sterling Connect:Direct CVE-2016-5992 Local Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94514

Apache Karaf CVE-2016-8648 Remote Code Execution Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94513

Sivann ITDB 'examples_support/editable_ajax.php' Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94511

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93965

QEMU CVE-2016-8909 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93842

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93957

QEMU CVE-2016-8578 Null Pointer Dereference Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93474

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93956

QEMU '/hw/char/serial.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93563

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93964

QEMU 'hw/9pfs/9p.c' Information Disclosure Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93955

QEMU 'hw/dma/rc4030.c' Divide By Zero Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93567

QEMU CVE-2016-8910 Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93844

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93962

QEMU CVE-2016-7170 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/92904

QEMU 'xilinx_ethlite.c' Heap Based Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93141

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93473

QEMU 'hw/net/mcf_fec.c' Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93273

QEMU Infinite Loop CVE-2016-7909 Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93275

QEMU 'hw/usb/hcd-xhci.c' Infinite Loop Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93469

Less Compiler Arbitrary Code Execution Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94512

Huawei NEM CVE-2016-8775 Local Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94506

BigTree CMS 'redraw-field.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94510

BigTree CMS 'check-module-integrity.php' Cross Site Scripting Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94508

Multiple Huawei Products CVE-2016-8774 Local Buffer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94503

Huawei FusionStorage CVE-2016-8803 Local Privilege Escalation Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94507

TomatoCart 'step_5.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-25
http://www.securityfocus.com/bid/94505

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/93814

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94504

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/94067

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-25
http://www.securityfocus.com/bid/91159

SANS News

Extracting Shellcode From JavaScript

Free Software Quick Security Checklist

Threatpost

Exploit

Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation...

Remote Utilities Host 6.3 - Denial of Service

24.11.2016

Bugtraq

[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310) 2016-11-24
gerhard klostermeier syss de

[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks 2016-11-24
matthias deeg syss de

[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307) 2016-11-24
gerhard klostermeier syss de

[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks 2016-11-24
gerhard klostermeier syss de

[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24
Dawid Golunski (dawid legalhackers com)

Malware

TrojanDownloader:JS/Nemucod  
JS/Nemucod  
Ransom:Win32/Locky.A
 

Trojan.Ismdoor

Ransom.OzozaLocker

Phishing

info

24th November 2016

PAYPAL - VERIFICATION REQUIRED

Tesco Credit Card Services

23rd November 2016

Your Account

Vulnerability

BigTree CMS 'check-module-integrity.php' Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94508

Multiple Huawei Products CVE-2016-8774 Local Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94503

Huawei FusionStorage CVE-2016-8803 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94507

TomatoCart 'step_5.php' Multiple Cross Site Scripting Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94505

ISC BIND CVE-2016-2848 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93814

Multiple Huawei CloudEngine Products CVE-2016-8795 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94504

ISC BIND CVE-2016-8864 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94067

Expat CVE-2016-5300 Incomplete Fix Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91159

Linux Kernel 'usbhid/hiddev.c' Local Heap Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91450

Linux Kernel CVE-2016-7117 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93304

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93793

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92552

CakePHP Multiple Security Bypass Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94502

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/73684

MoinMoin 'action/fckdialog.py' Cross-Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94501

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2016-11-24
http://www.securityfocus.com/bid/58796

IETF RFC 3279 X.509 Certificate MD5 Signature Collision Vulnerability
2016-11-24
http://www.securityfocus.com/bid/33065

Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93942

Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93944

Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93943

libTIFF CVE-2016-5320 Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91195

LibTIFF 'NeXTDecode()' Function Out of Bounds Write Memory Corruption Vulnerability
2016-11-24
http://www.securityfocus.com/bid/81696

Linux Kernel 'ip_tunnel.c' Local Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94500

GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94499

w3m Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94464

Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94295

LXC CVE-2016-8649 Directory Traversal Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94498

MoinMoin Multiple HTML Injection Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94259

Oracle Java SE CVE-2016-5542 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93643

WordPress csv2wpec-coupon Plugin CVE-2015-1000013 Arbitrary File Upload Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94497

WordPress mypixs Plugin CVE-2015-1000012 Local File Include Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94495

Ipswitch WhatsUp Gold CVE-2016-1000000 SQL Injection Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94496

Multiple Samsung Galaxy Product CVE-2016-9567 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94494

Oracle Java SE CVE-2016-5582 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93623

Oracle Java SE CVE-2016-5554 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93637

Oracle Java SE CVE-2016-5556 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93618

Oracle Java SE CVE-2016-5597 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93636

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93628

Oracle Java SE CVE-2016-5568 Use-After-Free Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93621

libdwarf CVE-2016-9558 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94491

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89757

Palo Alto Networks PAN-OS CVE-2016-9151 Local Privilege Escalation Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94400

GNU Bash CVE-2016-9401 Local Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94398

Multiple IBM Products CVE-2015-2017 HTTP Response Splitting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/78457

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91812

Linux-PAM '_unix_run_helper_binary()' Function Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/75428

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/76317

OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/75525

'pam_userdb' Module CVE-2013-7041 Password Hashes Security Weakness
2016-11-24
http://www.securityfocus.com/bid/64180

Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91918

IBM Tivoli Storage Manager CVE-2016-0371 Local Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94148

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91818

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94381

OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/83763

OpenSSL CVE-2016-0705 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/83754

OpenSSL CVE-2016-0798 Memory Leak Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/83705

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89746

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/89744

MyBB Versions Prior To 1.8.8 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94396

MyBB Prior to 1.8.6 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94397

MyBB Prior to 1.8.7 Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94395

Multiple Android Products CVE-2016-6564 Man in the Middle Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94393

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94394

Multiple Siemens IP CCTV Cameras CVE-2016-9155 Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94392

IBM Sterling B2B Integrator CVE-2016-5890 Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94391

IBM Kenexa LCMS Premier on Cloud CVE-2016-5948 Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94388

IBM Sterling B2B Integrator CVE-2016-3057 Unspecified Cross Site Scripting Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94389

IBM Kenexa LCMS Premier on Cloud CVE-2016-5937 Cross Site Request Forgery Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94390

ImageMagick CVE-2016-9556 Heap Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94492

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92984

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-24
http://www.securityfocus.com/bid/91081

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/94370

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92628

Red Hat Ceph CVE-2016-8626 Remote Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94488

JasPer 'jas_image.c' Integer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94490

ImageMagick CVE-2016-9559 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/94489

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2016-11-24
http://www.securityfocus.com/bid/69258

TestDisk 'Check_OS2MB()' Method Stack Buffer Overflow Vulnerability
2016-11-24
http://www.securityfocus.com/bid/74410

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-11-24
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-11-24
http://www.securityfocus.com/bid/92987

SANS News

 

Threatpost

 

Exploit

UCanCode - Multiple Vulnerabilities

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow

Windows x64 - Download & Execute Shellcode (358 bytes)

GNU Wget < 1.18 - Access List Bypass / Race Condition

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation...

23.11.2016

Bugtraq

CVE-2015-1251: Chrome blink SpeechRecognitionController use-after-free details 2016-11-23
Berend-Jan Wever (berendj nwever nl)

[SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de

[SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de

[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)

CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)

Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
Andrea Barisani (andrea inversepath com)

[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)

Malware

Ransom.PrincessLocker

W32.Disttrack.B

Phishing

NatWest

23rd November 2016

New online login authentication procedures

Apple Support

21st November 2016

Apple Account

USAA

19th November 2016

MY SUBJECT

Vulnerability

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/65400

Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/64947

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91818

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91453

dotCMS Multiple SQL Injection Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94311

ImageMagick 'MagickCore/fx.c' Heap Buffer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94310

Linux Kernel 'crypto/algif_hash.c' Local Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94309

Jenkins 'Java Deserialization' Remote Code Execution Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94281

IBM Security Privileged Identity Manager Brute Force Authentication Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94308

pycsw CVE-2016-8640 SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94302

IBM Kenexa LMS on Cloud CVE-2016-6123 Unspecified Cross-Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94305

IBM Kenexa LMS on Cloud CVE-2016-6124 Arbitrary File Upload Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94306

IBM Connections CVE-2016-2957 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94300

IBM Kenexa LMS on Cloud CVE-2016-8913 Directory Traversal Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94304

BigTree CMS SQL Injection and Cross Site Scripting Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94299

Exponent CMS SQL Injection Vulnerability and Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94296

IBM Kenexa LMS on Cloud CVE-2016-8920 Unspecified Cross-Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94303

IBM Kenexa LMS on Cloud CVE-2016-6126 Directory Traversal Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94301

TYPO3 TC Directmail Extension Open Redirection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94291

MuJS CVE-2016-9294 Null Pointer Dereference Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94293

Git for Windows CVE-2016-9274 Unspecified Untrusted Search Path vulnerability
2016-11-23
http://www.securityfocus.com/bid/94289

p7zip Null Pointer Dereference CVE-2016-9296 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94294

Samsung Mobile Phones SystemUI CVE-2016-9277 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94292

TYPO3 Secure Download Form Extension Unspecified Cross Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94288

TYPO3 Member Infosheets Extension SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94290

Multiple Huawei Products CVE-2016-8773 Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94285

Samsung Mobile Phones Information Disclosure and Denial of Service Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94283

TYPO3 Code Highlighter Extension Multiple Security Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94287

TYPO3 Shibboleth Authentication Extension Unspecified SQL Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/94286

libdwarf Multiple Heap Based Buffer Overflow Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/94284

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91081

Novell NetIQ Identity Manager CVE-2015-0787 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93972

WordPress contus-video-comments Plugin 'save.php' Arbitrary File Upload Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93967

Moodle CVE-2016-7919 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93971

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93153

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/92630

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91319

SAP Hybris Management Console CVE-2016-6858 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93966

Joomla! Core CVE-2016-9081 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93969

HP ThinkPwn UEFI BIOS 'SmmRuntime' Remote Privilege Escalation Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93958

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93964

Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93914

HP System Management Homepage Multiple Security Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/93961

SAP Hybris Management Console CVE-2016-6857 HTML Injection Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93960

QEMU 'v9fs_link()' Function Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93965

PHP CVE-2016-5385 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91821

Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability
2016-11-23
http://www.securityfocus.com/bid/91816

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/89744

PHP 'snmp.c' Remote Format String Vulnerability
2016-11-23
http://www.securityfocus.com/bid/85800

QEMU 'hw/9pfs/9p.c' Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93956

SAP Hybris CVE-2016-6859 Information Disclosure Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93959

QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93962

SAP Hybris Management Console CVE-2016-6856 Cross Site Scripting Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93954

QEMU 'hw/net/eepro100.c' Denial of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/93957

PHP 'php_raw_url_encode()' Function Integer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/85801

PHP 'ext/phar/phar_object.c' Heap Buffer Overflow Vulnerability
2016-11-23
http://www.securityfocus.com/bid/89154

PHP CVE-2016-4539 Remote Denial Of Service Vulnerability
2016-11-23
http://www.securityfocus.com/bid/90174

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities
2016-11-23
http://www.securityfocus.com/bid/90173

SANS News

Mapping Attack Methodology to Controls

Threatpost

Microsoft Cutting Off SHA-1 Support in February for Edge, IE 11

InPage Zero Day Used in Attacks Against Banks

Uber Portal Leaked Names, Phone Numbers, Email Addresses, Unique Identifiers

Exploit

Linux Kernel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation

Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak

Linux Kernel 2.6.18 - 'move_pages()' Information Leak

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow (PoC)

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)

Crestron AM-100 - Multiple Vulnerabilities

SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution

AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting

Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Mem...

TP-LINK TDDP - Multiple Vulnerabilities

22.11.2016

Bugtraq

[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)

CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)

Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
Andrea Barisani (andrea inversepath com)

[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)

[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21
ERPScan inc (erpscan online gmail com)

Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
Dawid Golunski (dawid legalhackers com)

[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting 2016-11-20
Julien Ahrens (info rcesecurity com)

[RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure 2016-11-20
Julien Ahrens (info rcesecurity com)

Malware

 

Phishing

 

Vulnerability

IBM Business Process Manager Advanced and WebSphere Process Server Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/85089

IBM Mashups Center CVE-2015-7400 XML External Entity Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/77986

IBM Mashups CVE-2015-7407 Cross Site Request Forgery Vulnerability
2016-11-22
http://www.securityfocus.com/bid/78455

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/82237

Cryptsetup CVE-2016-4484 Multiple Local Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94315

OpenSSL CVE-2016-0701 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/82233

OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/83763

Oracle Java SE CVE-2016-5573 Remote Security Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93628

mongodb-clients CVE-2016-6494 Local Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92204

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91453

Multiple IBM DB2 Products CVE-2016-5995 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93012

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91319

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92557

SSL/TLS Protocol CVE-2016-2183 Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92630

XStream CVE-2016-3674 XML External Entity Multiple Information Disclosure Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/85381

Perl CVE-2016-1238 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92136

Perl CVE-2015-8853 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/86707

Perl 'perl.c' CVE-2016-2381 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/83802

Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94461

Apache Tomcat CVE-2016-6817 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94462

w3m Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94464

w3m Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94407

Multiple Siemens Products Cross Site Request Forgery and Information Disclosure Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94460

Google Chrome Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94196

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93153

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91812

OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93150

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94064

LibTIFF 'tools/tiffcrop.c' Multiple Heap Buffer Overflow Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94424

PHP CVE-2016-7418 Out-of-Bounds Read Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93011

PHP CVE-2016-7413 Use After Free Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93006

PHP 'ext/spl/spl_array.c' Remote Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93007

PHP CVE-2016-7131 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92768

PHP 'ext/standard/var_unserializer.c' Memory Corruption Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93009

PHP 'ext/exif/exif.c' Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92564

PHP CVE-2016-7132 NULL pointer Dereference Remote Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92767

PHP 'ext/gd/gd.c' Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92757

PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92764

PHP 'wddx_deserialize()' Function Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92758

PHP 'ext/gd/gd.c' Heap Based Buffer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92755

PHP 'ext/session/session.c' Remote Code Injection Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92552

PHP '__wakeup()' Function Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92756

Mozilla Firefox Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/92258

Mozilla Firefox Multiple Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/92261

Moodle CVE-2016-8644 Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94458

Moodle MSA-16-0026 Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94456

Moodle CVE-2016-8643 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94457

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94455

NTP CVE-2016-7426 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94451

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94453

NTP CVE-2016-9310 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94452

NTP CVE-2016-7431 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7434 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94448

NTP CVE-2016-9312 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94450

AppFusions Doxygen for Atlassian Confluence HTML Injection Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94449

NTP CVE-2016-7428 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94446

Ipsilon CVE-2016-8638 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94439

NTP CVE-2016-7427 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94447

PHP 'unserialize()' Function Use After Free Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93577

Wireshark Multiple Denial of Service Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94369

MIT Kerberos 5 CVE-2015-2695 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/90687

MIT Kerberos 5 CVE-2015-2696 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/90675

MIT Kerberos 5 CVE-2015-2697 Remote Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/77581

AppFusions Doxygen for Atlassian Confluence Full Path Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94445

Multiple IBM Products CVE-2016-0203 Local Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94440

IBM Social Rendering Templates for Digital Data Connector Cross Site Scripting Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94443

AppFusions Doxygen for Atlassian Confluence Directory Traversal Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94442

NTP CVE-2016-9311 NULL Pointer Dereference Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94444

Moodle CVE-2016-8642 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94441

Multiple IBM Products CVE-2015-7494 Local Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94438

imlib2 CVE-2014-9764 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/90962

Imlib2 'image.h' Integer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/86073

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/92628

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/93153

Barco ClickShare CVE-2016-3152 Arbitrary File Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94326

Barco ClickShare CVE-2016-3149 Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94323

Exponent CMS CVE-2016-9287 SQL Injection Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94322

Google Pixel Unspecified Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94321

OwnCloud Multiple Security vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94318

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91453

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91068

Apache Struts CVE-2016-1182 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91067

DERAEMON-CMS CVE-2016-7813 Multiple Cross Site Scripting Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94320

IBM WebSphere Application Server CVE-2016-0359 HTTP Response Splitting Vulnerability
2016-11-22
http://www.securityfocus.com/bid/91484

Adobe Flash Player Unspecified Privilege Escalation Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94319

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/89757

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-22
http://www.securityfocus.com/bid/89746

Cryptsetup CVE-2016-4484 Multiple Local Security Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94315

OpenSSL CVE-2016-2106 Integer Overflow Vulnerability
2016-11-22
http://www.securityfocus.com/bid/89744

Apple Safari Unspecified Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94317

Ubuntu Linux 'libgstnsf.so' Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/94316

Python DLL Loading 'readline.pyd' Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/76929

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/67121

VMware Workstation Multiple Unspecified Remote Privilege Escalation Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94314

Microsoft Edge Multiple Unspecified Privilege Escalation Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/94313

Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2016-11-22
http://www.securityfocus.com/bid/75919

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/66397

Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability
2016-11-22
http://www.securityfocus.com/bid/83326

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2016-11-22
http://www.securityfocus.com/bid/65400

Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities
2016-11-22
http://www.securityfocus.com/bid/64947

SANS News

ZIP With Comment

Threatpost

Microsoft Cutting Off SHA-1 Support in February for Edge, IE 11

Office 365 Vulnerability Identified Bogus Microsoft.com Email as Valid

DoD Publishes Vulnerability Disclosure Policy

WordPress Plugins Leave Black Friday Shoppers Vulnerable

Exploit Code Released for NTP Vulnerability

Exploit

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution

Wordpress Plugin Olimometer 2.56 - SQL Injection

Huawei UTPS - Unquoted Service Path Privilege Escalation

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)

Tetris Heap Spraying: Spraying the Heap on a Budget

Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (...

Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)

Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)

FUDforum 3.0.6 - Local File Inclusion

FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery

LEPTON 2.2.2 - Remote Code Execution

LEPTON 2.2.2 - SQL Injection

Mezzanine 4.2.0 - Cross-Site Scripting

WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery

NTP 4.2.8p8 - Denial of Service

21.11.2016

Bugtraq

[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)

[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21
ERPScan inc (erpscan online gmail com)

Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
Dawid Golunski (dawid legalhackers com)

[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting 2016-11-20
Julien Ahrens (info rcesecurity com)

[RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure 2016-11-20
Julien Ahrens (info rcesecurity com)

[RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution 2016-11-20
Julien Ahrens (julien ahrens rcesecurity com)

Multiple issues in OpManager 12100 & 12200 2016-11-20
Michael Heydon (michael mheydon net)

[security bulletin] HPSBHF03675 rev.1 - HPE Integrated Lights-Out 3 and 4 (iLO 3, iLO 4), Cross-Site Scripting (XSS) 2016-11-20
security-alert hpe com

Putty Cleartext Password Storage 2016-11-20
apparitionsec gmail com/hyp3rlinx

Malware

Ransom.Crypton

Backdoor.Freeload

W97M.Downloader.L

Exp.CVE-2016-7857

Exp.CVE-2016-7858

Exp.CVE-2016-7859

Exp.CVE-2016-7860

Exp.CVE-2016-7861

Exp.CVE-2016-7862

Exp.CVE-2016-7863

Exp.CVE-2016-7864

Exp.CVE-2016-7865

Phishing

Apple Support

21st November 2016

Apple Account

USAA

19th November 2016

MY SUBJECT

Vulnerability

Apple iOS and Mac OS Multiple Security Bypass Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94429

Apple iOS Information Disclosure and Denial of Service Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94432

Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94428

Apple Mac OS X Multiple Remote Code Execution Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94431

WebKit CVE-2016-4764 Multiple Memory Corruption Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94430

HP Integrated Lights-Out CVE-2016-4406 Unspecified Cross Site Scripting Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94426

Google Android '/native/libs/binder/Parcel.cpp' Security Bypass Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94425

GStreamer Bad Plug-ins CVE-2016-9447 Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94427

LibTIFF 'tools/tiffcrop.c' Multiple Heap Buffer Overflow Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94424

GStreamer Bad Plug-ins 'vmnc/vmncdec.c' Information Disclosure Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94423

ISC BIND 'buffer.c' Remote Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/93188

ISC BIND CVE-2016-2775 Remote Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/92037

Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94295

GStreamer Bad Plug-ins CVE-2016-9445 Integer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94421

Drupal Core Multiple Security Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94367

LibTIFF 'tif_dirread.c' Incomplete Fix Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94420

LibTIFF 'tiff2pdf.c' Out Of Bounds Write Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94406

LibTIFF 'tif_print.c' Out Of Bounds Read Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94419

Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94418

HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94416

HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94417

IBM Connections CVE-2016-2953 Man in the Middle Information Disclosure Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94415

HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94414

IBM Web Content Manager Production Analytics Unspecified Cross Site Scripting Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94413

w3m Multiple Security Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94407

RETIRED: Oracle Integrated Lights Out Manager CVE-2015-5600 Remote Security Vulnerability
2016-11-21
http://www.securityfocus.com/bid/92012

OpenSSH Login Handling Security Bypass Weakness
2016-11-21
http://www.securityfocus.com/bid/75990

HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94411

WordPress Post Indexer Plugin 'classes/class.model.php' SQL Injection Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94410

Huawei Flybox B660 3G/4G Router Authentication Bypass Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94408

Lepton Multiple Security Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94412

ImageMagick Multiple Heap Overflow Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/90611

RETIRED: Linux Kernel Random Memory Pointer Dereference Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/66775

Multiple Lenovo ThinkPad Products CVE-2016-8222 Local Security Bypass Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94409

Multiple Huawei Products CVE-2016-8796 Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94405

Huawei Smart Phones Multiple Local Denial of Service Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/94404

Huawei UTPS CVE-2016-8769 Local Privilege Escalation Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94403

Multiple Huawei CloudEngine Products CVE-2016-8790 Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94402

Palo Alto Networks PAN-OS CVE-2016-9150 Buffer Overflow Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94399

IBM Spectrum Scale and IBM GPFS Local Command Execution Vulnerability
2016-11-21
http://www.securityfocus.com/bid/92408

IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability
2016-11-21
http://www.securityfocus.com/bid/92410

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-11-21
http://www.securityfocus.com/bid/93013

Palo Alto Networks PAN-OS CVE-2016-9149 XPath Injection Vulnerability
2016-11-21
http://www.securityfocus.com/bid/94401

curl/libcURL CVE-2016-7167 Multiple Integer Overflow Vulnerabilities
2016-11-21
http://www.securityfocus.com/bid/92975

Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
2016-11-21
http://www.securityfocus.com/bid/86311

Apache Struts CVE-2016-3093 Denial of Service Vulnerability
2016-11-21
http://www.securityfocus.com/bid/90961

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-21
http://www.securityfocus.com/bid/89746

SANS News

How many "Epoch" times? Epocalypse.py timestamp converter

Threatpost

Nemucod Infections Spreading Locky Over Facebook

Credentials Accessible in Siemens-Branded CCTV Cameras

Exploit

CMS Made Simple 2.1.5 - Cross-Site Scripting

ScriptCase 8.1.053 - Multiple Vulnerabilities

20.11.2016

Bugtraq

CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details 2016-11-18
Berend-Jan Wever (berendj nwever nl)

Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability 2016-11-18
Vulnerability Lab (research vulnerability-lab com)

Malware

Phishing

Apple Support

19th November 2016

Apple Account

SunTrust Bank

18th November 2016

Online Access Suspended

Chase Online

18th November 2016

Chase Online Notification

SERVICE ACCOUNT

18th November 2016

Account update - Receipt #97548978

Vulnerability

Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/78209

Google Chrome Prior to 50.0.2661.102 Multiple Security Vulnerabilities
2016-11-19
http://www.securityfocus.com/bid/90584

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/78623

Node.js CVE-2016-2216 HTTP Response Splitting Vulnerability
2016-11-19
http://www.securityfocus.com/bid/83141

Node.js CVE-2016-2086 HTTP Request Smuggling Vulnerability
2016-11-19
http://www.securityfocus.com/bid/83282

Node.js CVE-2015-8027 Unspecified Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/78207

OpenSSL CVE-2016-0705 Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/83754

OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
2016-11-19
http://www.securityfocus.com/bid/83763

Honeywell Experion PKS CVE-2016-8344 Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93950

WebKit Memory Corruption and Information Disclosure Vulnerabilities
2016-11-19
http://www.securityfocus.com/bid/93949

BMC Server Automation RSCD Agent CVE-2016-5063 Authorization Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93948

Citrix NetScaler ADC CVE-2016-9028 Open Redirection Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93947

Adobe Flash Player CVE-2016-7855 Use After Free Remote Code Execution Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93861

Juniper Junos 'udp6_ctlinput()' Function Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93946

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93793

Apache CloudStack CVE-2016-6813 Authorization Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93945

FreeImage CVE-2016-5684 Remote Code Execution Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93287

dcraw 'dcraw.cc' Integer Overflow Vulnerability
2016-11-19
http://www.securityfocus.com/bid/74590

Apache Tomcat Security Manager CVE-2016-6796 Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93944

Apache Tomcat CVE-2016-6794 Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93943

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/91453

Apache Tomcat Security Manager CVE-2016-5018 Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93942

Apache Tomcat CVE-2016-6797 Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93940

Apache Tomcat CVE-2016-0762 Information Disclosure Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93939

Python urllib3 CVE-2016-9015 TLS Certificate Validation Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93941

Iceni Argus 'ipfSetColourStroke()' Function Remote Stack Buffer Overflow Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93938

Iceni Argus 'ipNameAdd()' Function Remote Stack Buffer Overflow Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93936

GNU Tar CVE-2016-6321 Security Bypass Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93937

Huawei Mate 8 CVE-2016-8756 Local Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/93935

Cisco ACE CVE-2016-6399 Denial of Service Vulnerability
2016-11-19
http://www.securityfocus.com/bid/92867

SANS News

2016-11-18 example of KaiXin EK activity

VBA Shellcode and Windows 10

Threatpost

Qualcomm and HackerOne Partner on Bounty Program

Drupal Fixes ‘Moderately Critical’ Vulnerabilities in Core Engine

Exploit

Microsoft Edge - 'Array.reverse' Overflow

Microsoft Edge - 'Array.filter' Info Leak

Microsoft Edge - 'FillFromPrototypes' Type Confusion

Palo Alto Networks PanOS root_reboot - Privilege Escalation

Palo Alto Networks PanOS root_trace - Privilege Escalation

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow

18.11.2016

Bugtraq

CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details 2016-11-18
Berend-Jan Wever (berendj nwever nl)

Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability 2016-11-18
Vulnerability Lab (research vulnerability-lab com)

[ERPSCAN-16-031] SAP NetWeaver AS ABAP - directory traversal using READ DATASET 2016-11-18
ERPScan inc (erpscan online gmail com)

[ERPSCAN-16-032] SAP Telnet Console - Directory traversal vulnerability 2016-11-18

Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody 2016-11-17
Stefan Kanthak (stefan kanthak nexgo de)

[SECURITY] [DSA 3716-1] firefox-esr security update 2016-11-16
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBGN03676 rev.1 - HPE Helion OpenStack Glance Image Service, Remote Denial of Service (DoS) 2016-11-16
security-alert hpe com

CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details 2016-11-16
Berend-Jan Wever (berendj nwever nl)

[security bulletin] HPSBST03671 rev.1 - HPE StoreEver MSL6480 Tape Library, Remote Unauthorized Disclosure of Information 2016-11-15
security-alert hpe com

Actiontec WCB3000N (Telus Branded) Local Unauthenticated Privilege Elevation and Password Reset 2016-11-15
Andrew Klaus (andrewklaus gmail com)

CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-14
Hector Marco (hmarco hmarco org)

Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-15
Leo Famulari (leo famulari name)

[security bulletin] HPSBUX03665 rev.2 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection 2016-11-14
security-alert hpe com

[security bulletin] HPSBGN03669 rev.1 - HPE SiteScope, Local Elevation of Privilege, Remote Denial of Service, Arbitrary Code Execution and Cross-Site Request Forgery 2016-11-14
security-alert hpe com

SEC Consult SA-20161114-0 :: Multiple vulnerabilities in I-Panda SolarEagle - Solar Controller Administration Software / MPPT Solar Controller SMART2 2016-11-14
SEC Consult Vulnerability Lab (research sec-consult com)

WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-13
iedb team gmail com

Multiple vulnerabilities in Barco Clickshare 2016-11-14
vincent ruijter kpn com

WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-12
iedb team gmail com

CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details 2016-11-14
Berend-Jan Wever (berendj nwever nl)

[CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE 2016-11-13
Maxim Solodovnik (solomax apache org)

CVE-2016-9277: A IDX Out of Bound vulnerability in systemui can make crash and ui restart 2016-11-12
unlimitsec gmail com

[SECURITY] [DSA 3711-1] mariadb-10.0 security update 2016-11-11
Salvatore Bonaccorso (carnil debian org)

Malware

PWS:Win32/Hoardy

Trojan:Win32/Godzilia.A

TrojanDownloader:JS/Crimace.A

Ransom:Win32/WinPlock.A

TrojanSpy:MSIL/Omaneat.H!bit

TrojanDropper:Win32/Sality!rfn

Trojan.Flokibot

W97M.Empstage

Trojan.Powerduke

Ransom.PCsurveyLocker

Ransom.Ransoc

Phishing

SERVICE ACCOUNT

18th November 2016

Account update - Receipt #97548978

Wells Fargo

18th November 2016

Alert: Unread new SECURED message

Martin Cox

17th November 2016

Account Overdue (Please Review Today)

Martin Cox

17th November 2016

Verification Required

noreply@amazon.com

17th November 2016

Important message please read

Apple

17th November 2016

Your Apple ID was used to sign in to iMessage on an iPhone 6.

USAA

17th November 2016

INCOMING PAYMENT PENDING YOUR APPROVAL

PayPal

17th November 2016

Second reminder to respond to PayPal claim: Case ID #PP-003-153-234-760

No reply

16th November 2016

Request to Close Your Account

USAA

16th November 2016

Urgent - Incoming Payment
Transfer On Hold

HM Revenue &

16th November 2016

HM Revenue & Customs - You are eligible to receive a tax refund !

Warning from Amazon

16th November 2016

PLEASE CHECK YOUR BILLING ADDRESS AND PAYMENT WITHIN 24 HOURS OR YOUR ACCOUNT WILL BE REMOVED PERMANENTLY !

PayPal

16th November 2016

Your account has been limited until you confirm your personal data

Chase Online

15th November 2016

Dear Chase OnlineSM Customer

Amazon.com

15th November 2016

Security Alerts - Act Now!

SunTrust Bank

15th November 2016

Online Access Suspended

Vulnerability

RETIRED: Linux Kernel Random Memory Pointer Dereference Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/66775

Multiple Lenovo ThinkPad Products CVE-2016-8222 Local Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94409

Multiple Huawei Products CVE-2016-8796 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94405

LibTIFF 'tiff2pdf.c' Out Of Bounds Write Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94406

Huawei Smart Phones Multiple Local Denial of Service Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94404

Huawei UTPS CVE-2016-8769 Local Privilege Escalation Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94403

Multiple Huawei CloudEngine Products CVE-2016-8790 Buffer Overflow Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94402

Palo Alto Networks PAN-OS CVE-2016-9150 Buffer Overflow Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94399

IBM Spectrum Scale and IBM GPFS Local Command Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/92408

IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/92410

IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/93013

Palo Alto Networks PAN-OS CVE-2016-9149 XPath Injection Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94401

curl/libcURL CVE-2016-7167 Multiple Integer Overflow Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/92975

Apache Struts CVE-2016-4003 Cross Site Scripting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/86311

Apache Struts CVE-2016-3093 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/90961

OpenSSL CVE-2016-2176 Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/89746

OpenSSL 'crypto/asn1/a_d2i_fp.c' Local Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/87940

OpenSSL CVE-2016-2105 Buffer Overflow Vulnerability
2016-11-18
http://www.securityfocus.com/bid/89757

Palo Alto Networks PAN-OS CVE-2016-9151 Local Privilege Escalation Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94400

GNU Bash CVE-2016-9401 Local Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94398

Multiple IBM Products CVE-2015-2017 HTTP Response Splitting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/78457

OpenSSH CVE-2016-6210 User Enumeration Vulnerability
2016-11-18
http://www.securityfocus.com/bid/91812

Linux-PAM '_unix_run_helper_binary()' Function Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/75428

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/76317

OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/75525

'pam_userdb' Module CVE-2013-7041 Password Hashes Security Weakness
2016-11-18
http://www.securityfocus.com/bid/64180

Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/91918

IBM Tivoli Storage Manager CVE-2016-0371 Local Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94148

Apache Tomcat CVE-2016-5388 Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/91818

Teeworlds 'client.cpp' Memory Corruption Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94381

Multiple Android Products CVE-2016-6564 Man in the Middle Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94393

Moxa SoftCMS Multiple Security Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94394

Multiple Siemens IP CCTV Cameras CVE-2016-9155 Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94392

IBM Sterling B2B Integrator CVE-2016-5890 Security Bypass Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94391

IBM Kenexa LCMS Premier on Cloud CVE-2016-5948 Cross Site Scripting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94388

IBM Sterling B2B Integrator CVE-2016-3057 Unspecified Cross Site Scripting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94389

IBM Kenexa LCMS Premier on Cloud CVE-2016-5937 Cross Site Request Forgery Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94390

IBM Kenexa LCMS Premier on Cloud CVE-2016-5951 Unspecified Cross-Site Scripting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94385

IBM Kenexa LCMS Premier on Cloud CVE-2016-5950 Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94387

Veritas NetBackup Appliance CVE-2016-7399 Arbitrary Command Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94384

Apereo Webproxy Portlet Information Disclosure Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94383

JasPer CVE-2016-9398 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94382

JasPer Assertion Failure Multiple Denial of Service Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94377

Apple Mac OS X APPLE-SA-2016-09-20 Multiple Security Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/93055

JasPer CVE-2016-9396 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94379

JasPer CVE-2016-9399 Assertion Failure Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94380

OpenStack Glance CVE-2016-8611 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94378

JasPer CVE-2016-9395 Assertion Failure Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94376

JasPer CVE-2016-9397 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94373

JasPer CVE-2016-9387 Integer Overflow Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94374

JasPer CVE-2016-9394 Denial of Service Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94372

Jenkins 'Java Deserialization' Remote Code Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/94281

JasPer Multiple Assertion Failures Denial of Service Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94371

Foxit Reader and PhantomPDF Multiple Security Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94370

Adobe Flash Player Type Confusion Multiple Remote Code Execution Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94151

Wireshark Multiple Denial of Service Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94369

Adobe Flash Player APSB16-37 Multiple Remote Code Execution Vulnerabilities
2016-11-18
http://www.securityfocus.com/bid/94153

Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability
2016-11-18
http://www.securityfocus.com/bid/85066

Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
2016-11-18
http://www.securityfocus.com/bid/85070

SANS News

Example of Getting Analysts & Researchers Away

Threatpost

Mozilla Patches 29 Vulnerabilities, Prevents MIME Confusion Attacks, in Firefox 50

IBM Opens Attack Simulation Test Center

iOS 10 Passcode Bypass Can Access Photos, Contacts

Google Removing SHA-1 Support in Chrome 56

Exploit

Windows x64 - Reverse Shell TCP Shellcode (694 bytes)

Wordpress Plugin Sirv 1.3.1 - SQL Injection

Wordpress Plugin Answer My Question 1.3 - SQL Injection

Microsoft Edge - 'eval' Type Confusion

FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow

EditMe CMS - Cross-Site Request Forgery (Add New Admin)

Moxa SoftCMS 1.5 - Denial of Service (PoC)

Nagios 4.2.2 - Privilege Escalation