Databáze Hot News - Rok - Úvod  2018  2017  2016  2015  2014  2013  - 1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  List  - 2018  2017  2016  2015  2014  2013 
Poslední aktualizace v 08.10.2016 14:19:38

20.12.2017

Bugtraq

 

Malware

Android.Anubisspy

Phishing

 

Vulnerebility

Symantec Messaging Gateway CVE-2017-15532 Directory Traversal Vulnerability
2017-12-20
http://www.securityfocus.com/bid/102096

NetGain Systems Enterprise Manager CVE-2017-16607 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102219

Trend Micro Mobile Security Information Disclosure and Denial of Service Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102216

IBM RPA with Automation Anywhere CVE-2017-1751 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102217

IBM Business Process Manager CVE-2017-1494 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102218

IBM Integration Bus CVE-2017-1694 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102215

Linksys WVBR0-25 CVE-2017-17411 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102212

VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214

DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213

IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211

Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207

EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210

Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208

ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102190

SANS News

Guest Diary (Etay Nir) Kernel Hooking Basics

Threatpost

U.S. Government Blames North Korea for WannaCry

User ‘Gross Negligence’ Leaves Hundreds of Lexmark Printers Open to Attack

Exploint

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)'...

19.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

VideoLAN VLC 'mp4/libmp4.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102214

DotNetNuke CVE-2017-9822 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102213

IBM Maximo Asset Management CVE-2017-1558 Unspecified Open Redirect Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102211

Huawei FusionSphere OpenStack CVE-2017-8194 Router Authentication Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102209

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102207

EMC Isilon OneFS CVE-2017-14380 Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102210

Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102208

ImageMagick CVE-2017-17682 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102202

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102203

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102182F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102121

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-19
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-19
http://www.securityfocus.com/bid/102073

SANS News

Example of 'MouseOver' Link in a Powerpoint File

Threatpost

Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

Exploint

Intel Content Protection HECI Service - Type Confusion Privilege Escalation

Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read

Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable

Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow

Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local...

Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free

GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)

Jenkins - XStream Groovy classpath Deserialization (Metasploit)

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)

Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection

BrightSign Digital Signage - Multiple Vulnerablities

18.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

Ruby CVE-2017-17405 Multiple Command Execution Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102204

ImageMagick CVE-2017-17681 Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102206

ImageMagick 'coders/xpm.c' Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102203Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-18
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-18
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-18
http://www.securityfocus.com/bid/102134

SANS News

Phish or scam? - Part 2

Threatpost

 

Exploint

Joomla! Component My Projects 2.0 - SQL Injection

Joomla! Component User Bench 1.0 - 'userid' SQL Injection

Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow

Zoom Linux Client 2.0.106600.0904 - Command Injection

CDex 1.96 - Buffer Overflow

Joomla! Component Guru Pro - 'promocode' SQL Injection

Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution

Outlook for Android - Attachment Download Directory Traversal

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)

17.12.2017

Bugtraq

APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13
Asterisk Security Team (security asterisk org)

Malware

 

Phishing

 

Vulnerebility

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-16
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-16
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-16
http://www.securityfocus.com/bid/102134

SANS News

Microsoft Office VBA Macro Obfuscation via Metadata

Phish or scam? - Part 1

Threatpost

 

Exploint

Movie Guide 2.0 - SQL Injection

ITGuard-Manager 0.0.0.1 - Remote Code Execution

15.12.2017

Bugtraq

APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13
Asterisk Security Team (security asterisk org)

APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524 2017-12-14
tim kretschmann pallas com

APPLE-SA-2017-12-13-5 Safari 11.0.2 2017-12-13
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12
Michael Gilbert (mgilbert debian org)

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

Malware

 

Phishing

 

Vulnerebility

Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102200

Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102170

Alteon CVE-2017-17427 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102199

Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102197

Asterisk CVE-2017-17664 Remote Denial of Service Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102201

Cisco NX-OS System Software CVE-2017-12339 Local Command Injection Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102198

Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102195

Google Chrome Prior to 63.0.3239.108 Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102196

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/100515

Atlassian FishEye and Crucible CVE-2017-14591 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102194

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-15
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-15
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-15
http://www.securityfocus.com/bid/102134

SANS News

Detection Lab: Visibility & Introspection for Defenders

Threatpost

Triton Malware Targets Industrial Control Systems in Middle East

Synaptics Says Claims of a Keylogger in HP Laptops are False

19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

Exploint

Palo Alto Networks Firewalls - Remote root Code Execution

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)

Dup Scout Enterprise - Login Buffer Overflow (Metasploit)

Microsoft Office - DDE Payload Delivery (Metasploit)

Movie Guide 2.0 - SQL Injection

ITGuard-Manager 0.0.0.1 - Remote Code Execution

Sync Breeze 10.2.12 - Denial of Service

14.12.2017

Bugtraq

[SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12
Michael Gilbert (mgilbert debian org)

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

[SECURITY] [DSA 4062-1] firefox-esr security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

Malware

Exp.CVE-2017-11886

Trojan.Trisis

Exp.CVE-2017-11890

Exp.CVE-2017-11889

Exp.CVE-2017-11893

Exp.CVE-2017-11894

Exp.CVE-2017-11895

Exp.CVE-2017-11901

Exp.CVE-2017-11907

Exp.CVE-2017-11913

Phishing

 

Vulnerebility

Apple iCloud/iTunes CVE-2017-13864 Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102192

Huawei Smart Phones CVE-2017-8216 Local Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102190

Drupal Services Single Sign-On Client Module Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102189

Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102193

Cisco WebEx Network Recording Player CVE-2017-12359 Buffer Overflow Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102186

IBM Sterling File Gateway CVE-2017-1632 Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102191

GraphicsMagick CVE-2017-17501 Heap-Based Buffer Overflow Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102185

Atlassian Bamboo CVE-2017-14589 Remote Code Execution Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102188

Apple iOS and tvOS CVE-2017-13903 Security Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102182

IBM Sterling File Gateway Directory Traversal and Information Disclosure Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102187

IBM Support Tools for Lotus WCM CVE-2017-1536 Cross Site Scripting Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102183

IBM Sterling File Gateway CVE-2017-1550 Access Bypass Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102184

WebKit Multiple Memory Corruption Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102181

jBPM Migration CVE-2017-7545 XML External Entity Injection Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102179

Lynx 'HTML.c:HTML_put_string()' Function Use After Free Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102180

Apple iOS and Safari Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/97129

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102097

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-14
http://www.securityfocus.com/bid/102100

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-14
http://www.securityfocus.com/bid/101274

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102134

Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2017-12-14
http://www.securityfocus.com/bid/102175

Multiple Citrix Products CVE-2017-17549 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102177

wolfSSL CVE-2017-13099 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102174

Multiple Huawei Products CVE-2017-2700 Denial of Service Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102166

Fortinet FortiClient CVE-2017-7344 Privilege Escalation Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102176

Multiple Citrix Products CVE-2017-17382 Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102173

Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102172

Symantec Norton Family for Android CVE-2017-15529 Local Denial of Service Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102119

Symantec Norton Family for Android CVE-2017-15530 Local Information Disclosure Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102120

Xen 'Hypervisor' Memory Corruption Vulnerability
2017-12-14
http://www.securityfocus.com/bid/102169

SANS News

Security Planner: Improve your online safety

Threatpost

Permissions Flaw Found Azure AD Connect

Microsoft December Patch Tuesday Update Fixes 34 Bugs

Exploint

Microsoft Office - DDE Payload Delivery (Metasploit)

Palo Alto Networks Firewalls - Remote root Code Execution

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)

Dup Scout Enterprise - Login Buffer Overflow (Metasploit)

glibc ld.so - Memory Leak / Buffer Overflow

Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow...

Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection

Bus Booking Script 1.0 - 'txtname' SQL Injection

FS Lynda Clone 1.0 - SQL Injection

Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection

Readymade Video Sharing Script 3.2 - HTML Injection

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read

Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection

13.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

Xen 'arch/x86/mm/paging.c' Denial of Service vulnerability
2017-12-13
http://www.securityfocus.com/bid/102175

Multiple Citrix Products CVE-2017-17549 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102177

wolfSSL CVE-2017-13099 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102174

Multiple Huawei Products CVE-2017-2700 Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102166

Fortinet FortiClient CVE-2017-7344 Privilege Escalation Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102176

Multiple Citrix Products CVE-2017-17382 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102173

Xen 'mm/shadow/multi.c' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102172

Symantec Norton Family for Android CVE-2017-15529 Local Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102119

Symantec Norton Family for Android CVE-2017-15530 Local Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102120

Xen 'Hypervisor' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102169

VMware AirWatch Console Module CVE-2017-4942 Access Bypass Vulnerabilitiy
2017-12-13
http://www.securityfocus.com/bid/102171

Multiple Cisco Products CVE-2017-17428 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102170

Cisco NX-OS System Software CVE-2017-12336 Local Unauthorized Access Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102168

GraphicsMagick CVE-2017-17500 Heap-Based Buffer Overflow Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102164

Xen '/mm/hap/hap.c' Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102167

MatrixSSL Multiple Information Disclosure Vulnerabilities
2017-12-13
http://www.securityfocus.com/bid/91488

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
2017-12-13
http://www.securityfocus.com/bid/56071

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/101901

Cisco NX-OS System Software CVE-2017-12335 Local Command Injection Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102165

IBM MQ CVE-2017-1433 Denial of Service Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102163

Cisco NX-OS System Software CVE-2017-12334 Local Command Injection Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102162

Cisco NX-OS System Software CVE-2017-12333 Local Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102161

Cisco NX-OS System Software CVE-2017-12332 Arbitrary File Write Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102160

Cisco NX-OS System Software CVE-2017-12331 Local Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102159

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-13
http://www.securityfocus.com/bid/101274

Microsoft Windows RPC CVE-2017-11885 Remote Code Execution Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102055

GraphicsMagick CVE-2017-17498 Heap-Based Buffer Overflow Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102158

Microsoft Internet Explorer CVE-2017-11886 Remote Memory Corruption Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102062

Microsoft Windows Device Guard CVE-2017-11899 Remote Security Bypass Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102077

Microsoft Internet Explorer CVE-2017-11887 Information Disclosure Vulnerability
2017-12-13
http://www.securityfocus.com/bid/102063

SANS News

Tracking Newly Registered Domains

Threatpost

New Spider Ransomware Comes With 96-Hour Deadline

Exploint

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

glibc ld.so - Memory Leak / Buffer Overflow

macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option...

macOS - Kernel Code Execution due to Lack of Bounds Checking in...

macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime...

Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in...

12.12.2017

Bugtraq

Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10
Atlassian (security atlassian com)

[SECURITY] [DSA 4062-1] firefox-esr security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4060-1] wireshark security update 2017-12-09
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4061-1] thunderbird security update 2017-12-10
Moritz Muehlenhoff (jmm debian org)

[slackware-security] openssl (SSA:2017-342-01) 2017-12-09
Slackware Security Team (security slackware com)

FreeBSD Security Advisory FreeBSD-SA-17:12.openssl 2017-12-09
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 4059-1] libxcursor security update 2017-12-08
Salvatore Bonaccorso (carnil debian org)

CISTI'2018 -- Doctoral Symposium -- Call for contributions 2017-12-08
ML (marialemos72 gmail com)

Malware

 

Phishing

From The Google Foundation

12th December 2017

From The Google Foundation

Vulnerebility

SAP Netweaver CVE-2017-16682 Remote Code Injection Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102143

SAP NOTE Unspecified Security Vulnerability
2017-12-12
http://www.securityfocus.com/bid/101822

SAP Business Intelligence Promotion Management CVE-2017-16681 Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102142

SAP Kernel CVE-2017-16689 Authentication Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102144

SAP HANA CVE-2017-16680 Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102138

Adobe Reader and Acrobat Out-of-bounds Read Multiple Remote Code Execution Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102140Linux Kernel 'security/keys/keyctl.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102135

ACDSee Ultimate CVE-2017-2886 Remote Code Execution Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102133

Google Android Framework Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102131

Citrix XenServer Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102129

Drupal Cloud Module Cross Site Request Forgery Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102132

Apple iOS/watchOS/tvOS CVE-2017-13861 Memory Corruption Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102134

Google Android Media Framework Components Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102126

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-12
http://www.securityfocus.com/bid/101274

Jenkins CVE-2017-17383 Multiple HTML Injection Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102130

Linux Kernel CVE-2017-15121 Local Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102128

Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102127

LibTIFF CVE-2017-17095 Heap Based Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102124

Xiongmai IP Camera Module and DVR CVE-2017-16725 Stack Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102125

Fortinet FortiClient CVE-2017-14184 Local Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102123

CODESYS Runtime 'plclinux_rt' Multiple Authentication Bypass Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102113

Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102122

F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102121

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-12
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-12
http://www.securityfocus.com/bid/102104

SANS News

 

Threatpost

Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models

Exploint

macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory...

iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG...

macOS - 'getrusage' Stack Leak Through struct Padding

macOS - 'necp_get_socket_attributes' so_pcb Type Confusion

MikroTik 6.40.5 ICMP - Denial of Service

LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow

Vanguard 1.4 - SQL Injection

Vanguard 1.4 - Arbitrary File Upload

Basic Job Site Script 2.0.5 - SQL Injection

Resume Clone Script 2.0.5 - SQL Injection

Advanced World Database 2.0.5 - SQL Injection

Muslim Matrimonial Script 3.02 - 'succid' SQL Injection

Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection

11.12.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

Jenkins CVE-2017-17383 Multiple HTML Injection Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102130

Linux Kernel CVE-2017-15121 Local Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102128

Apache CXF Fediz CVE-2017-12631 Multiple Cross Site Request Forgery Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102127

LibTIFF CVE-2017-17095 Heap Based Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102124

Xiongmai IP Camera Module and DVR CVE-2017-16725 Stack Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102125

Fortinet FortiClient CVE-2017-14184 Local Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102123

CODESYS Runtime 'plclinux_rt' Multiple Authentication Bypass Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102113

Linux Kernel 'net/netlink/af_netlink.c' Local Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102122

F-Secure SAFE For Windows Cross Site Scripting Vulnerability
2017-12-11OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-11
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-11
http://www.securityfocus.com/bid/102071

SANS News

Pornographic malspam pushes coin miner malware

Threatpost

 

Exploint

MikroTik 6.40.5 ICMP - Denial of Service

MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection

Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection

Advanced Real Estate Script 4.0.7 - SQL Injection

Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection

Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection

Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection

Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection

10.12.2017

Bugtraq

[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)

Malware

 

Phishing

 

Vulnerebility

OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-10
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-10
http://www.securityfocus.com/bid/102071OpenSSL CVE-2017-3738 Information Disclosure Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102118

Linux Kernel 'net/netfilter/nfnetlink_cthelper.c' Local Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102117

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102108

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-09
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-09
http://www.securityfocus.com/bid/102071

SANS News

Sometimes it's a dud

Using Our API To Adjust iptables Rules

Threatpost

Apple Fixes Flaw Impacting HomeKit Devices

Android Flaw Poisons Signed Apps with Malicious Code

Exploint

Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection

Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection

Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection

Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)

Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation

FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection

FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection

FS Quibids Clone 1.0 - SQL Injection

FS Shutterstock Clone 1.0 - 'keywords' SQL Injection

FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection

FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection

Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection

8.12.2017

Bugtraq

[SECURITY] [DSA 4057-1] erlang security update 2017-12-08
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 4056-1] nova security update 2017-12-07
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

Malware

Linux.Satori

Phishing

App Store

7th December 2017

APPLE PURCHASE SUCCESSFULLY
PAYMENT CONFIRMATION SPOTIFY
PREMIUM

Vulnerebility

GNU Libextractor CVE-2017-17440 Remote Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102116

Mozilla Firefox and Firefox ESR CVE-2017-7845 Buffer Overflow Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102115

Rockwell Automation FactoryTalk Alarms and Events CVE-2017-14022 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102114

Multiple Phoenix Contact Products CVE-2017-16723 Cross Site Scripting Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102111

Mozilla Firefox ESR CVE-2017-7843 Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102112

Google Android System Component Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102109

Linux Kernel '/netfilter/xt_osf.c' Local Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102110

Google Android MediaTek Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102108Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102107

Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102106

Microsoft Malware Protection Engine CVE-2017-11940 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102104

Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102070

OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102102

OpenSSL CVE-2017-3737 Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102103

Apple iOS/WatchOS/tvOS/macOS Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102100

Linux Kernel CVE-2017-1000410 Information Disclosure Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102101

Apple macOS APPLE-SA-2017-12-6-1 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102099

Google Chrome Prior to 63.0.3239.84 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102098

Apple iOS APPLE-SA-2017-12-6-2 Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102097

Atlassian Confluence CVE-2017-16856 Multiple Cross Site Scripting Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102094

Linux Kernel CVE-2017-15868 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102084

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102083

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102071

Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102072

Cisco NX-OS System Software CVE-2017-12340 Local Unauthorized Access Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102069

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-08
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-08
http://www.securityfocus.com/bid/102048

SANS News

 

Threatpost

Banking Apps Found Vulnerable to MITM Attacks

TeamViewer Rushes Fix for Permissions Bug

Exploint

Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection

Simple Chatting System 1.0.0 - Arbitrary File Upload

DomainSale PHP Script 1.0 - 'id' SQL Injection

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)

Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

LaCie 5big Network 2.2.8 - Command Injection

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting

FS Facebook Clone - 'token' SQL Injection

7.12.2017

Bugtraq

 

Malware

Win32/KillAV.NTD

Trojan.Bankice

Phishing

 

Vulnerebility

Palo Alto Networks PAN-OS CVE-2017-15944 Remote Code Execution Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102079

Palo Alto Networks Global Protect Client CVE-2017-15870 Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102083Microsoft Malware Protection Engine CVE-2017-11937 Remote Code Execution Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102070

Palo Alto Networks PAN-OS CVE-2017-15943 Server Side Request Forgery Security Bypass Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102074

Palo Alto Networks PAN-OS CVE-2017-15940 Remote Command Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102076

Palo Alto Networks PAN-OS CVE-2017-15942 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102075

Google Android Multiple Qualcomm Components Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102073

Wireshark 'epan/dissectors/packet-cipsafety.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102071

Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102072

Cisco NX-OS System Software CVE-2017-12340 Local Unauthorized Access Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102069

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102048

Amazon Audible CVE-2017-17069 DLL Loading Local Privilege Escalation Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102044

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/101964

Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102041

IBM Sterling B2B Integrator CVE-2017-1481 Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102043

IBM WebSphere MQ CVE-2017-1341 Unauthorized Access Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102042

Apache Qpid Broker CVE-2017-15702 Security Weakness
2017-12-07
http://www.securityfocus.com/bid/102040

SAP NOTE Unspecified Security Vulnerability
2017-12-07
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-07
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102029

IBM Sterling File Gateway CVE-2017-1549 Cross Site Scripting Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102037

IBM Sterling File Gateway CVE-2017-1487 Information Disclosure Vulnerability
2017-12-07
http://www.securityfocus.com/bid/102036

SANS News

Apple Updates Everything. Again.

Threatpost

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones

Exploint

Linux Kernel - DCCP Socket Use-After-Free

Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting

FS Facebook Clone - 'token' SQL Injection

FS IMDB Clone - 'id' SQL Injection

6.12.2017

Bugtraq

 

Malware

Exp.CVE-2017-16408

Trojan.Finsev

Phishing

 

Vulnerebility

Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102066

IBM BigInsights CVE-2017-1336 Remote Code Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102061

Linux Kernel CVE-2017-8824 Local Privilege Escalation Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102056

cURL/libcURL CVE-2017-8817 Memory Corruption Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102057

QEMU CVE-2017-17381 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102059

IBM Connections Engagement Center Cross Site Scripting and Information Disclosure Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102051

IBM Financial Transaction Manager CVE-2017-1606 SQL Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102049

IBM Connections CVE-2017-1498 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102048

Amazon Audible CVE-2017-17069 DLL Loading Local Privilege Escalation Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102044

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/101964

Apache Qpid Broker-J CVE-2017-15701 Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102041

IBM Sterling B2B Integrator CVE-2017-1481 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102043

IBM WebSphere MQ CVE-2017-1341 Unauthorized Access Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102042

Apache Qpid Broker CVE-2017-15702 Security Weakness
2017-12-06
http://www.securityfocus.com/bid/102040

SAP NOTE Unspecified Security Vulnerability
2017-12-06
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-06
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102029

IBM Sterling File Gateway CVE-2017-1549 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102037

IBM Sterling File Gateway CVE-2017-1487 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102036

IBM Sterling B2B Integrator CVE-2017-1482 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102035

IBM Atlas eDiscovery Process Management CVE-2017-1356 Unspecified SQL Injection Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102033

IBM Security Guardium CVE-2017-1271 Security Bypass Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102034

IBM Atlas eDiscovery Process Management CVE-2017-1355 Information Disclosure Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102016

Linux Kernel CVE-2017-1000405 Local Race Condition Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102032

Geovap Reliance SCADA CVE-2017-16721 Cross Site Scripting Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102031

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102023

Linux Kernel CVE-2017-16533 Local Denial of Service Vulnerability
2017-12-06
http://www.securityfocus.com/bid/102026

SANS News

PSA: Do not Trust Reverse DNS (and why does an address resolve to "localhost").

Threatpost

Developers Targeted in ‘ParseDroid’ PoC Attack

Exploint

FS Shaadi Clone - 'token' SQL Injection

WinduCMS 3.1 - Local File Disclosure

FS Makemytrip Clone - 'id' SQL Injection

Readymade Classifieds Script 1.0 - SQL Injection

Techno Portfolio Management Panel - 'id' SQL Injection

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Proxifier for Mac 2.19 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation

Sera 1.2 - Local Privilege Escalation / Password Disclosure

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.3 - Local Privilege Escalation

5.12.2017

Bugtraq

 

Malware

 

Phishing

service@paypal.com

5th December 2017

YOU RECEIPT SENT A PAYMENT TO
CLEVERBRIDGE, INC

Microsoft

4th December 2017

You are about to leave the
panel

Vulnerebility

SAP NOTE Unspecified Security Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101822

Linux Kernel 'arch/x86/kvm/vmx.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102038

Mozilla Firefox MFSA2017-27 Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102039

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102024

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102029IBM Sterling B2B Integrator CVE-2017-1482 Cross Site Scripting Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102035

IBM Atlas eDiscovery Process Management CVE-2017-1356 Unspecified SQL Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102033

IBM Security Guardium CVE-2017-1271 Security Bypass Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102034

IBM Atlas eDiscovery Process Management CVE-2017-1355 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102016

Linux Kernel CVE-2017-1000405 Local Race Condition Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102032

Geovap Reliance SCADA CVE-2017-16721 Cross Site Scripting Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102031

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102023

Wireshark 'epan/dissectors/packet-iwarp-mpa.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102030

Wireshark 'epan/dissectors/packet-netbios.c' Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102029

Linux Kernel CVE-2017-16533 Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102026

Linux Kernel 'drivers/usb/serial/console.c' Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102028

Multiple Cisco Nexus Series Switches CVE-2017-12342 Local Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102027

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/93604

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102024

Linux Kernel CVE-2017-16531 Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102025

Linux Kernel 'drivers/usb/core/config.c' Local Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102022

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-12-05
http://www.securityfocus.com/bid/99623

Apache Struts CVE-2017-15707 Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102021

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101666

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-05
http://www.securityfocus.com/bid/100515

IBM Jazz Team Server CVE-2017-1570 Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102020

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-05
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-05
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-05
http://www.securityfocus.com/bid/102010

SANS News

IR using the Hive Project.

Threatpost

Google Cracks Down On Nosy Android Apps

Exploint

VX Search 10.2.14 - 'command_name' Buffer Overflow

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Techno Portfolio Management Panel - 'id' SQL Injection

Readymade Classifieds Script 1.0 - SQL Injection

4.12.2017

Bugtraq

 

Malware

 

Phishing

Bank of America

4th December 2017

New Message from Boa

Vulnerebility

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability
2017-12-04
http://www.securityfocus.com/bid/93604

WordPress Prior to 4.9.1 Multiple Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102024

Linux Kernel CVE-2017-16531 Local Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102025

Asterisk 'chan_skinny' Remote Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102023

Linux Kernel 'drivers/usb/core/config.c' Local Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102022FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-12-04
http://www.securityfocus.com/bid/99623

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101666

OpenSSL CVE-2017-3735 Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/100515

IBM Jazz Team Server CVE-2017-1570 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102020

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-04
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-04
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-04
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-04
http://www.securityfocus.com/bid/101993

SANS News

 

Threatpost

 

Exploint

 

3.12.2017

Bugtraq

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)

Malware

 

Phishing

 

Vulnerebility

Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-03
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-03
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-03
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-03
http://www.securityfocus.com/bid/101992Cisco NX-OS System Software CVE-2017-12351 Local Unauthorized Access Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102019

Cisco UCS Central Software Cross Site Scripting and Session Fixation Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102018

Cisco FXOS and NX-OS System Software CVE-2017-12329 Local Command Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102015

Multiple Cisco WebEx Products Multiple Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102017

Cisco NX-OS System Software CVE-2017-12330 Local Command Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102012

Xen Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101067

Xen CVE-2017-17045 Privilege Escalation Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102013

cURL/libcURL CVE-2017-8818 Out of Bounds Read Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102014

Linux Kernel CVE-2017-17053 Local Use After Free Memory Corruption Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102010

Linux Kernel 'kernel/fork.c' Local Use After Free Memory Corruption Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102009

QEMU 'b/nbd/server.c' Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102011

Xen CVE-2017-17044 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102008

Splunk Enterprise CVE-2017-17067 Multiple Security Bypass Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/102005

ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102004

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-02
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-02
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-02
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-02
http://www.securityfocus.com/bid/101992

SANS News

Using Bad Material for the Good

StartSSL: Termination of Services is Now Scheduled

Threatpost

Cisco Patches Critical Playback Bugs in WebEx Players

RAT Distributed Via Google Drive Targets East Asia

Exploint

Artica Web Proxy 3.06 - Remote Code Execution

MistServer 2.12 - Cross-Site Scripting

Jobs2Careers / Coroflot Clone - SQL Injection

Abyss Web Server < 2.11.6 - Heap Memory Corruption

1.12.2017

Bugtraq

[SECURITY] [DSA 4052-1] bzr security update 2017-11-29
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 4051-1] curl security update 2017-11-29
Yves-Alexis Perez (corsac debian org)

Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)

Malware

 

Phishing

Regions online

1st December 2017

Regions Access Alert.

offer on behalf of Survey Rew

29th November 2017

Consumer News: Get an [Amazon]
Gift Card!

Navy Federal Credit Union

28th November 2017

You have (1) new Security
message

Chase Bank

27th November 2017

Secure Message

Vulnerebility

Fortinet Fortiweb CVE-2017-7736 HTML Injection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101916

TYPO3 T3Blog Extbase Extension Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101913

Cisco ASA Next-Generation Firewall Services CVE-2017-12299 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101915

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-12-01
http://www.securityfocus.com/bid/101274

Cisco Spark Board CVE-2017-12306 Local Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101914

Magento Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101912

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101911

Moodle CVE-2017-15110 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101909

Symantec Norton Security for Mac CVE-2017-15528 Certificate Spoofing Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101796

Samba CVE-2017-15275 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101908

Infinispan 'hotrod java' Client Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101910

Samba CVE-2017-14746 Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101907

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101906

IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101905

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101904

Multiple VMware Products CVE-2017-4934 Local Heap Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101903

Multiple VMware Products Out of Bounds Write Local Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101902

Multiple F5 BIG-IP Products CVE-2017-6168 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101901

OpenSAML CVE-2017-16853 Multipal Security Bypass Vulnerabilites
2017-12-01
http://www.securityfocus.com/bid/101898

IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101900

Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101897

Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101896

Amazon Key CVE-2017-16867 Security Weakness
2017-12-01
http://www.securityfocus.com/bid/101899

Symantec Management Console CVE-2017-15527 Directory Traversal Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101743

Multiple VMware Products Out of Bounds Read Multiple Local Arbitrary Code Execution Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101892

Node.js ejs Package 'ejs.renderFile()' function Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101893

IBM WebSphere Commerce CVE-2017-1484 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101894

IBM Rational DOORS Next Generation Multiple Cross Site Scripting Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101895

VMware NSX Edge CVE-2017-4929 Cross site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101891

Intel Unite App CVE-2017-5738 Privilege Escalation Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101888ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102007

ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102006

Cisco IP Phone 8800 Series CVE-2017-12328 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102003

Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102004Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-12-01
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101994

Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101832

Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101992

Cisco Jabber CVE-2017-12356 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101990

Apple macOS CVE-2017-13872 Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101981

Cisco IOS XR Software CVE-2017-12355 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101989

Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101988

Cisco Meeting Server CVE-2017-12362 Denial of Service Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101987

Cisco Secure Access Control System CVE-2017-12354 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101986

Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101985

Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101984

PowerDNS Authoritative Server Module Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101982

OpenEMR CVE-2017-16540 Remote Privilege Escalation Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101983

EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101980

Multiple EMC RSA products CVE-2017-14378 Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101979

Ethicon Endo-Surgery Generator G11 CVE-2017-14018 Local Authentication Bypass Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101978

Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities
2017-12-01
http://www.securityfocus.com/bid/101977

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-12-01
http://www.securityfocus.com/bid/101974

SANS News

Phishing Kit (Ab)Using Cloud Services

Threatpost

RAT Distributed Via Google Drive Targets East Asia

Exploint

HP iMC Plat 7.2 - Remote Code Execution (2)

HP iMC Plat 7.2 - Remote Code Execution

Jobs2Careers / Coroflot Clone - SQL Injection

WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal

30.11.2017

Bugtraq

Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29
Matthew Hart (mhart atlassian com)

Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29
Matthew Hart (mhart atlassian com)

[SECURITY] [DSA 4050-1] xen security update 2017-11-28
Moritz Muehlenhoff (jmm debian org)

Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23
Vulnerability Lab (research vulnerability-lab com)

Malware

MSIL/Filecoder.Fantom.A

Win32/Agent.YJF

Win32/Filecoder.Fantom.A

Win32/KillWin.NCI

Win32/Patpoopy.D

Phishing

 

Vulnerebility

Cisco WebEx Network Recording Player CVE-2017-12360 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102001

Cisco Email Security Appliance CVE-2017-12353 Remote Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102002

cURL/libcURL CVE-2017-8816 Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101998

Cisco WebEx Meetings Server CVE-2017-12363 Remote Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/102000

Cisco WebEx Event Center CVE-2017-12365 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101999

EMC ScaleIO CVE-2017-8001 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101997

Cisco Data Center Network Manager Multiple Remote Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101996

EMC ScaleIO CVE-2017-8020 Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101995

Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation
2017-11-30
http://www.securityfocus.com/bid/101993

EMC ScaleIO CVE-2017-8019 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101991

Cisco Jabber for Windows CVE-2017-12361 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101994Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101832

Apple macOS CVE-2017-13872 Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101981

Cisco IOS XR Software CVE-2017-12355 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101989

Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101988

Cisco Meeting Server CVE-2017-12362 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101987

Cisco Secure Access Control System CVE-2017-12354 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101986Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101985

Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101984

PowerDNS Authoritative Server Module Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101982

OpenEMR CVE-2017-16540 Remote Privilege Escalation Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101983

Apple macOS CVE-2017-13872 Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101981

EMC RSA Authentication Agent for Web: Apache Web Server Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101980

Multiple EMC RSA products CVE-2017-14378 Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101979

Ethicon Endo-Surgery Generator G11 CVE-2017-14018 Local Authentication Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101978

Multiple Siemens SCALANCE Products Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101977

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101974

Polycom HDX Endpoints Remote Code Execution Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101973

Cloud Foundry cf-deployment CVE-2017-14390 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/101972

Red Hat OpenStack Platform CVE-2017-15114 Privilege Escalation Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101971

Multiple Cloud Foundry Products CVE-2017-8031 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101967

OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78622

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/82237

OpenSSL CVE-2015-3193 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78705

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78623

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/78626

Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101969

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101757

McAfee Network Security Manager CVE-2016-8029 Remote Authorization Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101970

Multiple TP-Link Routers CVE-2017-16957 Command Injection Vulnerability
2017-11-30
http://www.securityfocus.com/bid/101968

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-30
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-30
http://www.securityfocus.com/bid/90864

SANS News

More Malspam pushing Emotet malware

Threatpost

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

Exploint

macOS High Sierra - Root Privilege Escalation (Metasploit)

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page

QEMU - NBD Server Long Export Name Stack Buffer Overflow

29.11.2017

Bugtraq

 

Malware

Exp.CVE-2017-16415

Exp.CVE-2017-16392

Exp.CVE-2017-16375

Exp.CVE-2017-16389

Exp.CVE-2017-16390

Exp.CVE-2017-16373

RANSOM_CRYPTOQKG.A

Phishing

 

Vulnerebility

IBM Rational Rhapsody Design Manager CVE-2017-1240 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101976

QEMU 'b/nbd/server.c' Stack Buffer Overflow Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101975

IBM Workload Scheduler CVE-2017-1716 Local Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101974

Polycom HDX Endpoints Remote Code Execution Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101973

Cloud Foundry cf-deployment CVE-2017-14390 Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/101972

Red Hat OpenStack Platform CVE-2017-15114 Privilege Escalation Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101971

Multiple Cloud Foundry Products CVE-2017-8031 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101967

OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78622

OpenSSL CVE-2015-3197 Security Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/82237

OpenSSL CVE-2015-3193 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78705

OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78623

OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/78626

Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101969

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101757

McAfee Network Security Manager CVE-2016-8029 Remote Authorization Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101970

Multiple TP-Link Routers CVE-2017-16957 Command Injection Vulnerability
2017-11-29
http://www.securityfocus.com/bid/101968

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/90864

Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2017-11-29
http://www.securityfocus.com/bid/90691

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2017-11-29
http://www.securityfocus.com/bid/89854

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94455

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94453

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/84992

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/94242

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2017-11-29
http://www.securityfocus.com/bid/93793

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-11-29
http://www.securityfocus.com/bid/95814

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-11-29
http://www.securityfocus.com/bid/93171

SANS News

Apple High Sierra Uses a Passwordless Root Account

Fileless Malicious PowerShell Sample

Threatpost

Leaky AWS Storage Bucket Spills Military Secrets, Again

Google Detects and Boots Tizi Spyware Off Google Play

Critical Apple Login Bug Puts macOS High Sierra Systems at Risk

Exploint

Synology StorageManager 5.2 - Remote Root Command Execution

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

pfSense - Authenticated Group Member RCE (Metasploit)

Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD'...

28.11.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/85059

Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90865

Libxml2 CVE-2016-4448 Remote Format String Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90856

Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/90696

Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/90864

Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/90691

libxml2 CVE-2016-3705 Stack Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/89854

NTP CVE-2016-7433 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94455

NTP CVE-2016-7429 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94453

Libxml2 'malloc.c' CVE-2016-3627 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/84992

OpenSSL CVE-2016-7055 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/94242

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93793

OpenSSL CVE-2017-3732 Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/95814

OpenSSL CVE-2016-7052 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93171

OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93153OpenSSL CVE-2016-6304 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/93150

OpenSSL CVE-2016-6303 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92984

OpenSSL CVE-2016-6302 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92628

OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92557

OpenSSL CVE-2016-2181 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92982

OpenSSL CVE-2016-2180 Local Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/92117

OpenSSL CVE-2016-2179 Multiple Denial of Service Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/92987

OpenSSL CVE-2016-2178 Side Channel Attack Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/91081

OpenSSL CVE-2016-2177 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/91319

OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/76317

MOXA EDS-G512E CVE-2017-13701 Information Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101966

Multiple Siemens Products CVE-2017-12741 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101964

Huawei UMA CVE-2017-8122 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101961

Huawei Smart Phones CVE-2017-8205 Integer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101963

Huawei Smart Phones CVE-2017-8204 Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101962

Multiple HP Products CVE-2017-2750 DLL Signature Validation Remote Code Execution Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101965

Samba CVE-2017-9461 Remote Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/99455

Huawei Smart Phones CVE-2017-8203 Remote Code Execution Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101960

Huawei Smart Phones CVE-2017-8202 Buffer Overflow Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101959

TYPO3 restler Component Arbitrary File Disclosure Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101958

Drupal Custom Permissions Module DRUPAL-SA-CONTRIB-2017-083 Access Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101957

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-28
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-28
http://www.securityfocus.com/bid/101949

SANS News

 

Threatpost

Imgur Confirms 2014 Breach of 1.7 Million User Accounts

Newly Published Exploit Code Used to Spread Mirai Variant

HP to Patch Bug Impacting 50 Enterprise Printer Models

Exploint

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

ZTE ZXDSL 831CII - Improper Access Restrictions

Diving Log 6.0 - XML External Entity Injection

27.11.2017

Bugtraq

 

Malware

Exp.CVE-2017-16393

Phishing

 

Vulnerebility

Huawei Smart Phones CVE-2017-8202 Buffer Overflow Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101959

TYPO3 restler Component Arbitrary File Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101958

Drupal Custom Permissions Module DRUPAL-SA-CONTRIB-2017-083 Access Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101957

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101931Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101832

Cisco Registered Envelope Service Multiple Cross Site Scripting Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101863

Cisco Network Academy Packet Tracer DLL Loading Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101858

Cisco Meeting Server H.264 Decoding CVE-2017-12311 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101855

FreeBSD CVE-2017-1088 Local Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101857

Cisco RF Gateway 1 CVE-2017-12318 Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101854

Cisco Unified Communications Manager CVE-2017-12302 SQL Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101853

Philips IntelliSpace Cardiovascular and Xcelera CVE-2017-14111 Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101850

Oracle Tuxedo CVE-2017-10266 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101852

Vir.IT Explorer Anti-Virus CVE-2017-16237 Local Privilege Escalation Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101851

Drupal Permissions by Term Module Access Bypass Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101833

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-27
http://www.securityfocus.com/bid/101274

CA Identity Governance CVE-2017-9394 HTML Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101849

Linux Kernel 'drivers/media/usb/dvb-usb/dib0700_devices.c' Local Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101846

SAP ERP Multiple Unspecified Security Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101848

Debian Postgresql-common CVE-2017-8806 Multiple Insecure Temporary File Handling Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101810

SAP HANA Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101847

SAP Landscape Management Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101845

Apache Sling Servlets Post CVE-2017-11296 Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101844

SAP GUI for HTML Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/100788

Adobe Experience Manager CVE-2017-3111 Information Disclosure Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101843

Linux Kernel 'drivers/media/usb/hdpvr/hdpvr-core.c' Local Denial of Service Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101842

Microsoft Edge Scripting Engine CVE-2017-11841 Remote Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101733

Oracle Tuxedo CVE-2017-10269 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101841

Oracle Fusion Middleware CVE-2017-10151 Remote Security Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101619

Microsoft Edge Scripting Engine CVE-2017-11862 Remote Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101724

Adobe Digital Editions APSB17-39 Multiple Information Disclosure Vulnerabilities
2017-11-27
http://www.securityfocus.com/bid/101839

SAP Composite Application Framework Authorization Tool XML External Entity Injection Vulnerability
2017-11-27
http://www.securityfocus.com/bid/97576

Adobe InDesign CVE-2017-11302 Memory Corruption Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101840

Adobe Experience Manager CVE-2017-3109 Cross Site Scripting Vulnerability
2017-11-27
http://www.securityfocus.com/bid/101834

SANS News

9 Fast and Easy Ways To Lose Your Crypto Coins

Threatpost

 

Exploint

Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion

Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the...

Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly

Exim 4.89 - 'BDAT' Denial of Service

25.11.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerebility

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-26
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-26
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-26
http://www.securityfocus.com/bid/10192

Huawei Smart Phones CVE-2017-8179 Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101956

Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101954

Fortinet FortiOS CVE-2017-14186 URI Redirection and Cross Site Scripting Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101955

Fortinet FortiWebManager CVE-2017-14189 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101953

Multiple Huawei Products CVE-2017-8201 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101952

Multiple Huawei Products CVE-2017-8199 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101951

OpenStack Nova CVE-2017-16239 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101950

Multiple Huawei Products CVE-2017-8200 Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101948

PostgreSQL CVE-2017-12172 Remote Privilege Escalation Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101949

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-25
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-25
http://www.securityfocus.com/bid/101928

SANS News

Exim Remote Code Exploit

Benefits associated with the use of Open Source Software

Threatpost

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Exploint

Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure

ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)

24.11.2017

Bugtraq

Edward Snowden free speech at JBFone - Data Security & Privacy 2017-11-23
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)

CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)

Malware

 

Phishing

service

23rd November 2017

Warning : Unusual activities
on your PayPal account

service

23rd November 2017

[Support Inc] : Your paypal
account has benn limited!

Natwest

23rd November 2017

Security Update

btinternet

23rd November 2017

Your btinternet account
settings are out of date.

Vulnerebility

Atlassian Hipchat for Mac CVE-2017-14586 Remote Code Execution Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101947

Jenkins Favorite Plugin CVE-2017-1000243 Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101946

Atlassian Hipchat Server and Data Center CVE-2017-14585 Remote Code Execution Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101945

Jenkins Favorite Plugin CVE-2017-1000244 Cross Site Request Forgery Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101943

HP Integrated Lights-Out and Moonshot RCA Unspecified Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101944

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101937

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101928

Jenkins Delivery Pipeline Plugin CVE-2017-1000404 Cross Site Scripting Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101927

Intel Trusted Execution Engine CVE-2017-5710 Multiple Local Privilege Escalation Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101922

OpenStack Swauth CVE-2017-16613 Authentication Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101926

Intel Manageability Engine CVE-2017-5712 Remote Buffer Overflow Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101920

EMC RSA Authentication Manager CVE-2017-14379 HTML Injection Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101925

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101552

FFmpeg CVE-2017-16840 Multiple Denial of Service Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101924

QEMU 'hw/input/ps2.c' Information Disclosure Vulnerability
2017-11-24
http://www.securityfocus.com/bid/101923

Intel Trusted Execution Engine CVE-2017-5707 Multiple Local Buffer Overflow Vulnerabilities
2017-11-24
http://www.securityfocus.com/bid/101919

SANS News

 

Threatpost

 

Exploint

 

23.11.2017

Bugtraq

[SECURITY] [DSA 4046-1] libspring-ldap-java security update 2017-11-22
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 4045-1] vlc security update 2017-11-21
Moritz Muehlenhoff (jmm debian org)

CSNC-2017-029 MyTy Blind SQL Injection 2017-11-21
Advisories (advisories compass-security com)

Malware

Exp.CVE-2017-11882

Win32/Agent.NDM

Exp.CVE-2017-16383

Exp.CVE-2017-16381

Exp.CVE-2017-16384

Phishing

btinternet

23rd November 2017

Your btinternet account
settings are out of date.

Vulnerebility

GNU Binutils 'readelf.c' Heap Buffer Overflow Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101941

Jenkins Git Client Plugin CVE-2017-1000242 Insecure Temporary File Creation Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101940

Joomla! 'com_tag' Component CVE-2017-15946 SQL Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101942

IBM OpenPages GRC Platform CVE-2017-1300 Cross Site Request Forgery Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101939

HP Matrix Operating Environment HPESBMU03795 Multiple Remote Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101938

Google Android Local Privilege Escalation Vulnerability

PHPMailer 'code_generator.php' Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/99293

TYPO3 Formhandler Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101935

TYPO3 Recommend Page Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101936

oVirt Engine CVE-2017-15113 Debug Logging Information Disclosure Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101933

Cisco Web Security Appliance CVE-2017-12303 Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101932

libbpg 'cudata.cpp' Null Pointer Dereference Denial of Service Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101929

Cisco Identity Services Engine CVE-2017-12316 Brute Force Authentication Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101931

Cisco Immunet Antimalware CVE-2017-12312 DLL Loading Local Privilege Escalation Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101930

Intel Manageability Engine CVE-2017-5708 Multiple Local Privilege Escalation Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101921

Cisco Email Security Appliance CVE-2017-12309 HTTP Response Splitting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101928

Jenkins Delivery Pipeline Plugin CVE-2017-1000404 Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101927

Intel Trusted Execution Engine CVE-2017-5710 Multiple Local Privilege Escalation Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101922

OpenStack Swauth CVE-2017-16613 Authentication Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101926

Intel Manageability Engine CVE-2017-5712 Remote Buffer Overflow Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101920

EMC RSA Authentication Manager CVE-2017-14379 HTML Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101925

OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101552

FFmpeg CVE-2017-16840 Multiple Denial of Service Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101924

QEMU 'hw/input/ps2.c' Information Disclosure Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101923

Intel Trusted Execution Engine CVE-2017-5707 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101919

Multiple Oracle Server Products Multiple Local Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101906

Intel Manageability Engine CVE-2017-5711 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101918

Intel Manageability Engine CVE-2017-5705 Multiple Local Buffer Overflow Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101917

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2017-11-23
http://www.securityfocus.com/bid/36935

Fortinet Fortiweb CVE-2017-7736 HTML Injection Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101916

TYPO3 T3Blog Extbase Extension Cross Site Scripting Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101913

Cisco ASA Next-Generation Firewall Services CVE-2017-12299 Remote Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101915

WPA2 Key Reinstallation Multiple Security Weaknesses
2017-11-23
http://www.securityfocus.com/bid/101274

Cisco Spark Board CVE-2017-12306 Local Security Bypass Vulnerability
2017-11-23
http://www.securityfocus.com/bid/101914

Magento Multiple Security Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101912

Linux kernel 'block/bio.c' Multiple Local Information Disclosure Vulnerabilities
2017-11-23
http://www.securityfocus.com/bid/101911

SANS News

Proactive Malicious Domain Search

Threatpost

HP to Patch Bug Impacting 50 Enterprise Printer Models

Exploint

WebKit - 'WebCore::FormSubmission::create' Use-After-Free

WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free

WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free

WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free

WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read

WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read

WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read