Hot News Database
Last updated on 08.10.2016 14:19:38
 

3.10.2017

Bugtraq

HPESBMU03753 rev.1 - HPE System Management Homepage, Multiple Remote Vulnerabilities 2017-10-02
HPE Product Security Response Team (security-alert hpe com)

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com

[SECURITY] [DSA 3987-1] firefox-esr security update 2017-09-29
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3986-1] ghostscript security update 2017-09-29
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

AMA

2nd October 2017

AOL Mail: Account

*****CONGRATULATION*****

1st October 2017

TODAY ONLY: Your $50 Amazon
gift card

Vulnerability

Tcpdump CVE-2017-12997 Denial of Service Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100914

Multiple EMC Products CVE-2017-8007 Directory Traversal Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100957

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100918

Samba CVE-2017-12163 Arbitrary File Write Vulnerability
2017-10-03
http://www.securityfocus.com/bid/100925

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101065

Google Android Framework CVE-2017-0806 Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101086

Dnsmasq VU#973527 Multiple Security Vulnerabilities
2017-10-02
http://www.securityfocus.com/bid/101085

Multiple Wordpress Plugins PHP Object Injection Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101082

SolarWinds Network Performance Monitor CVE-2017-9537 Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101071

SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability
2017-09-29
http://www.securityfocus.com/bid/101066

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101061

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/78712

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/79705

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/84308

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/85856

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90012

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90505

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96069

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96088

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/76441

TrendMicro OfficeScan Multiple Security Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101076

Trend Micro OfficeScan CVE-2017-14087 Host Header Injection Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101074

IBM WebSphere Commerce CVE-2017-1569 Unspecified Denial of Service Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101073

Trend Micro OfficeScan CVE-2017-14084 Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101072

Xen Information Disclosure Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101067

Git CVE-2017-14867 OS Command Injection Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101060

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101059

IBM Insights Foundation for Energy CVE-2017-1311 Unspecified SQL Injection Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101058

Mozilla Firefox Multiple Security Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101057

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101055

SANS News

Malspam pushing Formbook info stealer

Threatpost

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

Judge: FBI Can Keep iPhone Crack and Price Secret

Gary McGraw on BSIMM8 and Software Security

Exploit

Apple Mac OS X + Safari - Local Javascript Quarantine Bypass

Fiberhome AN5506-04-F - Command Injection

UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code...

Qmail SMTP - Bash Environment Variable Injection (Metasploit)

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection

phpCollab 2.5.1 - SQL Injection

phpCollab 2.5.1 - Arbitrary File Upload

NPM-V (Network Power Manager) 2.4.1 - Password Reset

UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape

UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation

Dnsmasq < 2.78 - Integer Underflow

Dnsmasq < 2.78 - Lack of free() Denial of Service

Dnsmasq < 2.78 - Information Leak

Dnsmasq < 2.78 - Stack-Based Overflow

Dnsmasq < 2.78 - Heap-Based Overflow

Dnsmasq < 2.78 - 2-byte Heap-Based Overflow

Linux Kernel < 4.14.rc3 - Local Denial of Service

2.10.2017

Bugtraq

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Server Side Request Forgery (apparitionsec / hyp3rlinx) 2017-10-01
apparitionsec gmail com

[SECURITY] [DSA 3988-1] libidn2-0 security update 2017-09-30
Salvatore Bonaccorso (carnil debian org)

Mac OS X Local Javascript Quarantine Bypass 2017-09-30
filippo cavallarin wearesegment com

Malware

 

Phishing

*****CONGRATULATION*****

1st October 2017

TODAY ONLY: Your $50 Amazon
gift card

IRS

30th September 2017

Urgent attention on your
account

Vulnerability

Cisco IOS and IOS XE Software CVE-2017-12228 Certificate Validation Security Bypass Vulnerability
2017-10-02
http://www.securityfocus.com/bid/101065

SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service Vulnerability
2017-09-29
http://www.securityfocus.com/bid/101066

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101061

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/78712

SANS News

Investigating Security Incidents with Passive DNS

Threatpost

 

Exploit

Linux Kernel < 4.14.rc3 - Local Denial of Service

Sync Breeze Enterprise 10.0.28 - Buffer Overflow

HBGK DVR 3.0.0 build20161206 - Authentication Bypass

ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download

Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection

PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection

WordPress Plugin WPHRM - SQL Injection

SmarterStats 11.3.6347 - Cross-Site Scripting

1.10.2017

Bugtraq

CVE-2017-14087 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com

[security bulletin] HPESBGN03773 rev.2 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-28
swpmb cyber-psrt microfocus com

CVE-2017-14084 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com

Malware

 

Phishing

Paypal Inc.

30th September 2017

PAYPAL ASK TO UPDATE YOUR
ACCOUNT.

contact

29th September 2017

ACCOUNT UPDATE RECIEPT #DA5413

Vulnerability

Jenkins Multiple Plugins Multiple HTML Injection Vulnerabilities
2017-09-29
http://www.securityfocus.com/bid/101061

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/78712

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/79705

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/84308

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/85856

SANS News

Who's Borrowing your Resources?

Good Analysis = Understanding(tools + logs + normal)

Threatpost

Siemens Patches Improper Access Vulnerability in Ruggedcom Protocol

ICANN Postpones Scheduled DNS Crypto Key Rollover

Exploit

 

29.9.2017

Bugtraq

CVE-2017-14087 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com

[security bulletin] HPESBGN03773 rev.2 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-28
swpmb cyber-psrt microfocus com

CVE-2017-14084 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution (apparitionsec / hyp3rlinx) 2017-09-28
apparitionsec gmail com

[CVE-2017-9538] Persistent Application Denial of Service 2017-09-29
andys3c gmail com

[CVE-2017-9537] Persistent Cross-Site Scripting Vulnerabilities 2017-09-29
andys3c gmail com

Faleemi FSC-880 Multiple Security Vulnerabilities 2017-09-27
oleg iotsploit co

Malware

Trojan.Starloader

Phishing

contact

29th September 2017

ACCOUNT UPDATE RECIEPT #DA5413

Natwest

28th September 2017

Temporarily Restriction Notice

Admin

28th September 2017

Secure your rgwalker99@aol.com
email account

Vulnerability

Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/78712

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/79705

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/84308

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/85856

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90012

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90505

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96069

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96088

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/76441

Mozilla Firefox and Firefox ESR Multiple Use After Free Denial of Service Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101055

Mozilla Firefox CVE-2017-7810 Multiple Unspecified Memory Corruption Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101054

Mozilla Firefox and Firefox ESR CVE-2017-7824 Buffer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101053

Perl CVE-2017-12814 Stack Based Buffer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101051

WordPress 2kb Amazon Affiliates Store Plugin Multiple Cross Site Scripting Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/101050

libvorbis CVE-2017-14160 Denial of Service Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101045

Multiple Siemens Products Discovery Protocol CVE-2017-12736 Remote Security Bypass Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101041

Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
2017-09-27
http://www.securityfocus.com/bid/95077

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100612

Apache Struts Spring AOP Functionality Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99562

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100829

Apache Struts CVE-2017-7672 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99563

Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99484

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100609

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities
2017-09-27
http://www.securityfocus.com/bid/100984

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99774

Cisco IOS Software CVE-2017-12232 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101044

Cisco IOS Software CVE-2017-12235 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101043

Multiple Cisco Products CVE-2017-12239 Local Unauthorized Access Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101042

Cisco IOS Software for Cisco Catalyst 6800 Series Switches Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101040

SANS News

The easy way to analyze huge amounts of PCAP data

Threatpost

Civil Liberties Activists Hit By Phishing Campaign

Google to Enforce HSTS on TLDs it Operates

Macs Not Receiving EFI Firmware Security Updates as Expected

Exploit

FileRun <= 2017.09.18 - SQL Injection

Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption

Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection

Roteador Wireless Intelbras WRN150 - Authentication Bypass

Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection

Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery

Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure

Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption

Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure

28.9.2017

Bugtraq

 

Malware

MSIL/Spy.Netpune.A

MSIL/Spy.RinLog.A

Win32/TrojanProxy.Hioles.AD

Win32/Emotet.AW

Win32/TrickBot.V

Phishing

Admin

28th September 2017

Secure your rgwalker99@aol.com
email account

Security Team

27th September 2017

Your account has been limited.

Vulnerability

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability
2017-09-28
http://www.securityfocus.com/bid/79705

Adobe Flash Player and AIR APSB16-08 Multiple Unspecified Integer Overflow Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/84308

Adobe Flash Player CVE-2016-1019 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/85856

Microsoft Internet Explorer CVE-2016-0189 Scripting Engine Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90012

Adobe Flash Player CVE-2016-4117 Unspecified Remote Code Execution Vulnerability
2017-09-28
http://www.securityfocus.com/bid/90505

Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96069

Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability
2017-09-28
http://www.securityfocus.com/bid/96088

Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities
2017-09-28
http://www.securityfocus.com/bid/76441

libvorbis CVE-2017-14160 Denial of Service Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101045

Multiple Siemens Products Discovery Protocol CVE-2017-12736 Remote Security Bypass Vulnerability
2017-09-28
http://www.securityfocus.com/bid/101041

Apache HTTP Server CVE-2016-8743 Security Bypass Vulnerability
2017-09-27
http://www.securityfocus.com/bid/95077

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100612

Apache Struts Spring AOP Functionality Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99562

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100829

Apache Struts CVE-2017-7672 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99563

Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99484

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100609

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities
2017-09-27
http://www.securityfocus.com/bid/100984

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99774

Cisco IOS Software CVE-2017-12232 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101044

Cisco IOS Software CVE-2017-12235 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101043

Multiple Cisco Products CVE-2017-12239 Local Unauthorized Access Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101042

Cisco IOS Software for Cisco Catalyst 6800 Series Switches Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101040

Cisco IOS Software CVE-2017-12231 Remote Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101039

Cisco IOS Software Common Industrial Protocol Multiple Denial of Service Vulnerabilities
2017-09-27
http://www.securityfocus.com/bid/101038

Cisco IOS and IOS XE Software CVE-2017-12237 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101037

Cisco IOS XE Software CVE-2017-12230 Privilege Escalation Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101036

Cisco IOS XE Software CVE-2017-12222 Denial of Service Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101035

Cisco IOS and IOS XE Software CVE-2017-12240 Buffer Overflow Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101034

SANS News

 

Threatpost

Gatekeeper Alone Won’t Mitigate Apple Keychain Attack

Exploit

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code...

LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)

27.9.2017

Bugtraq

Faleemi FSC-880 Multiple Security Vulnerabilities 2017-09-27
oleg iotsploit co

Bitdefender Total Security 2017 Unquoted Service Path Vulnerability 2017-09-27
wsachin092 gmail com

[SECURITY] [DSA 3984-1] git security update 2017-09-26
Florian Weimer (fw deneb enyo de)

Qualys Security Advisory - Linux PIE/stack corruption (CVE-2017-1000253) 2017-09-26
Qualys Security Advisory (qsa qualys com)

[security bulletin] HPESBGN03773 rev.1 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-25
swpmb cyber-psrt microfocus com

Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities (apparitionsec / hyp3rlinx) 2017-09-25
apparitionsec gmail com

Kaltura - Remote Code Execution and Cross-Site Scripting 2017-09-24
robin verton telekom de

Malware

 

Phishing

Navy Federal Credit Union

26th September 2017

You Have 1 New Security
Message Alert !

Vulnerability

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/100609

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities
2017-09-27
http://www.securityfocus.com/bid/100984

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-09-27
http://www.securityfocus.com/bid/99774

Bitdefender Total Security Local Code Execution Vulnerability
2017-09-27
http://www.securityfocus.com/bid/101014

Oracle Java SE and JRockit CVE-2017-10116 Remote Security Vulnerability
2017-09-26
http://www.securityfocus.com/bid/99734

Apple iTunes CVE-2017-7079 Access Bypass Vulnerability
2017-09-26
http://www.securityfocus.com/bid/100983

Linux Kernel CVE-2017-1000253 Local Privilege Escalation Vulnerability
2017-09-26
http://www.securityfocus.com/bid/101010

EMC Data Protection Advisor CVE-2017-10955 Remote Command Injection Vulnerability
2017-09-26
http://www.securityfocus.com/bid/101008

Symantec Norton Remove and Reinstall DLL Loading CVE-2017-13676 Local Code Execution Vulnerability
2017-09-26
http://www.securityfocus.com/bid/100939

SANS News

 

Threatpost

Remote Wi-Fi Attack Backdoors iPhone 7

Exploit

WordPress Plugin WPAMS - SQL Injection

WordPress Plugin School Management System - SQL Injection

WordPress Plugin Hospital Management System - SQL Injection

WordPress Plugin WPGYM - SQL Injection

WordPress Plugin WPCHURCH - SQL Injection

AMC Master - Arbitrary File Upload

SMSmaster - SQL Injection

26.9.2017

Bugtraq

[security bulletin] HPESBGN03773 rev.1 - HPE Application Performance Management (BSM), Remote Code Execution 2017-09-25
swpmb cyber-psrt microfocus com

Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities (apparitionsec / hyp3rlinx) 2017-09-25
apparitionsec gmail com

Malware

Ransom.Redboot

Phishing

*****CONGRATULATION*****

25th September 2017

TODAY ONLY: Your $50 Amazon
gift card

AMERICAN EXPRESS

25th September 2017

[News] Message From AMERICAN
EXPRESS

Vulnerability

Apple iOS and tvOS Wi-Fi Chip Multiple Arbitrary Code Execution Vulnerabilities
2017-09-26
http://www.securityfocus.com/bid/100984

Apple iTunes CVE-2017-7079 Access Bypass Vulnerability
2017-09-26
http://www.securityfocus.com/bid/100983

Adobe Flash Player CVE-2015-0313 Remote Code Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/72429

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability
2017-09-25
http://www.securityfocus.com/bid/94064

Adobe Flash Player CVE-2016-7855 Use After Free Remote Code Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/93861

Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/52911

Expat CVE-2016-0718 Buffer Overflow Vulnerability
2017-09-25
http://www.securityfocus.com/bid/90729

Cisco Integrated Management Controller CVE-2017-6619 Remote Command Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/97925

SANS News

XPCTRA Malware Steals Banking and Digital Wallet User's Credentials

Threatpost

Deloitte: ‘Very Few Clients’ Impacted by Cyber Attack

Android Lockscreen Patterns Less Secure Than PINs

Exploit

Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow

Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)

Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)

NodeJS Debugger - Command Injection (Metasploit)

FLIR Thermal Camera F/FC/PT/D - SSH Backdoor

Sitefinity CMS 9.2 - Cross-Site Scripting

FLIR Thermal Camera F/FC/PT/D - Stream Disclosure

FLIR Thermal Camera FC-S/PT - Command Injection

FLIR Thermal Camera F/FC/PT/D - Information Disclosure

FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution

Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)

25.9.2017

Bugtraq

Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities (apparitionsec / hyp3rlinx) 2017-09-25
apparitionsec gmail com

Kaltura - Remote Code Execution and Cross-Site Scripting 2017-09-24
robin verton telekom de

[slackware-security] libxml2 (SSA:2017-266-01) 2017-09-23
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3983-1] samba security update 2017-09-22
Moritz Muehlenhoff (jmm debian org)

APPLE-SA-2017-09-19-1 iOS 11 2017-09-19
Apple Product Security (product-security-noreply lists apple com)

[slackware-security] httpd (SSA:2017-261-01) 2017-09-18
Slackware Security Team (security slackware com)

Malware

Linux.Proxym

Phishing

AMERICAN EXPRESS

25th September 2017

[News] Message From AMERICAN
EXPRESS

M5N 0ffice-team

25th September 2017

Account Issue

Vulnerability

Cisco Integrated Management Controller CVE-2017-6619 Remote Command Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/97925

Cisco Integrated Management Controller CVE-2017-6616 Remote Code Execution Vulnerability
2017-09-25
http://www.securityfocus.com/bid/97928

IPython JSON Error Responses Multiple Cross Site Scripting Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/75328

WordPress Prior to 4.8.2 Multiple Input Validation Security Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/100912

Linux kernel CVE-2017-14106 Local Denial of Service Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100878

Linux Kernel CVE-2017-12154 Denial of Service Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100856

Linux Kernel CVE-2017-1000111 Local Privilege Escalation Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100267

Linux Kernel 'drivers/video/fbdev/aty/atyfb_base.c' Local Information Disclosure Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100634

Linux Kernel 'net/xfrm/xfrm_policy.c' Local Denial of Service Vulnerability
2017-09-25
http://www.securityfocus.com/bid/99928

Linux Kernel CVE-2017-14340 Local Denial of Service Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100851

Linux Kernel CVE-2017-14497 Local Buffer Overflow Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100871

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/100215

Linux Kernel CVE-2017-1000370 Local Security Bypass Vulnerability
2017-09-25
http://www.securityfocus.com/bid/99149

Linux Kernel CVE-2017-12146 Local Race Condition Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100651

Xen CVE-2017-12134 Memory Corruption Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100343

Linux Kernel CVE-2017-12153 Null Pointer Dereference Local Denial of Service Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100855

Linux Kernel 'sound/core/timer.c' Local Information Disclosure Vulnerability
2017-09-25
http://www.securityfocus.com/bid/99121

Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
2017-09-25
http://www.securityfocus.com/bid/99263

Linux Kernel 'mm/migrate.c' Local Information Disclosure Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100876

Linux Kernel CVE-2017-1000371 Local Security Bypass Vulnerability
2017-09-25
http://www.securityfocus.com/bid/99131

Linux Kernel CVE-2017-7558 Multiple Local Information Disclosure Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/100466

Linux Kernel Bluetooth Subsystem CVE-2017-1000251 Stack Based Buffer Overflow Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100809

Linux Kernel CVE-2017-1000112 Local Memory Corruption Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100262

Perl CVE-2017-12837 Heap Buffer Overflow Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100860

Perl CVE-2017-12883 Buffer Overflow Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100852

Samba CVE-2017-12151 Man in the Middle Security Bypass Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100917

Samba CVE-2017-12163 Arbitrary File Write Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100925

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability
2017-09-25
http://www.securityfocus.com/bid/100918

Kaltura Community Edition Multiple Security Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/100976

Trend Micro Mobile Security (Enterprise) CVE-2017-14078 Multiple SQL Injection Vulnerabilities
2017-09-25
http://www.securityfocus.com/bid/100966

SANS News

Back to Basics: Writing Change Requests in Natural Language

Threatpost

Chris Vickery on Amazon S3 Data Leaks

Exploit

 

24.9.2017

Bugtraq

 

Malware

 

Phishing

Apple

22nd September 2017

YOUR ACCOUNT ACCESS HAS BEEN
DISABLED ! CASEID:98301

iTunes Store

21st September 2017

[ SUMMARY REPORT ] FRAUD
ACTIVITY : PLEASE REVIEW YOUR
RECEIPT FROM APPLE

Vulnerability

Samba CVE-2017-12151 Man in the Middle Security Bypass Vulnerability
2017-09-22
http://www.securityfocus.com/bid/100917

Samba CVE-2017-12150 Man in the Middle Security Bypass Vulnerability
2017-09-22
http://www.securityfocus.com/bid/100918

Samba CVE-2017-12163 Arbitrary File Write Vulnerability
2017-09-22
http://www.securityfocus.com/bid/100925

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-22
http://www.securityfocus.com/bid/100609

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99846

Oracle Java SE and JRockit CVE-2017-10135 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99839

Oracle Java SE and JRockit CVE-2017-10053 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99842

Oracle Java SE and JRockit CVE-2017-10198 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99818

Oracle Java SE and JRockit CVE-2017-10176 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99788

Oracle Java SE and JRockit CVE-2017-10118 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99782

Oracle Java SE CVE-2017-10078 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99752

Oracle Java SE CVE-2017-10102 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99712

GraphicsMagick CVE-2017-14649 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100958

CA Identity Manager CVE-2017-9393 Information Disclosure Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100956

Apache Tomcat CVE-2017-12617 Incomplete Fix Remote Code Execution Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100954

Ctek SkyRouter CVE-2017-14000 Authentication Bypass Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100953

Multiple Schneider Electric Products CVE-2017-13997 Authentication Bypass Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100952

IniNet Solutions SCADA Web Server CVE-2017-13995 Authentication Bypass Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100951

Digium Asterisk GUI CVE-2017-14001 OS Command Injection Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100950

PCD CVE-2017-9628 Unspecified Information Disclosure Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100949

Multiple Pivotal Products CVE-2017-8046 Remote Code Execution Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100948

Google Chrome V8 Multiple Out-of-Bounds Memory Access Vulnerabilities
2017-09-21
http://www.securityfocus.com/bid/100947

ImageMagick CVE-2017-14607 Heap Buffer Overflow Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100944

ImageMagick CVE-2017-14626 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100943

ImageMagick CVE-2017-14625 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100941

ImageMagick CVE-2017-14624 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100940

WordPress Prior to 4.8.2 Multiple Input Validation Security Vulnerabilities
2017-09-20
http://www.securityfocus.com/bid/100912

Git CVE-2017-1000117 Remote Command Injection Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100283

Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100259

Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability
2017-09-20
http://www.securityfocus.com/bid/97581

SANS News

Forensic use of mount --bind

What is the State of Your Union?

Malspam pushing Word documents with Hancitor malware

Threatpost

Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

2016 SEC Hack May Have Benefited Insider Trading

Samba Update Patches Two SMB-Related MiTM Bugs

Exploit

 

22.9.2017

Bugtraq

 

Malware

 

Phishing

iTunes Store

21st September 2017

[ SUMMARY REPORT ] FRAUD
ACTIVITY : PLEASE REVIEW YOUR
RECEIPT FROM APPLE

iTunes Store

21st September 2017

[ NEW STATEMENT UPDATE ] FRAUD
ACTIVITY : PLEASE REVIEW YOUR
RECEIPT FROM APPLE

Netflix

20th September 2017

WALMART EGIFT CARD (INSIDE).

Vulnerability

Oracle Java SE and JRockit CVE-2017-10198 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99818

Oracle Java SE and JRockit CVE-2017-10176 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99788

Oracle Java SE and JRockit CVE-2017-10118 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99782

Oracle Java SE CVE-2017-10078 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99752

Oracle Java SE CVE-2017-10102 Remote Security Vulnerability
2017-09-22
http://www.securityfocus.com/bid/99712

ImageMagick CVE-2017-14607 Heap Buffer Overflow Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100944

ImageMagick CVE-2017-14626 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100943

ImageMagick CVE-2017-14625 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100941

ImageMagick CVE-2017-14624 Denial of Service Vulnerability
2017-09-21
http://www.securityfocus.com/bid/100940

WordPress Prior to 4.8.2 Multiple Input Validation Security Vulnerabilities
2017-09-20
http://www.securityfocus.com/bid/100912

Git CVE-2017-1000117 Remote Command Injection Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100283

Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100259

Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability
2017-09-20
http://www.securityfocus.com/bid/97581

HP ArcSight ESM and ArcSight ESM Express Multiple Security Vulnerabilities
2017-09-20
http://www.securityfocus.com/bid/100935

Drupal Page Access Module Unspecified Security Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100934

Multiple Cisco Products CVE-2017-6720 Denial of Service Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100933

Cisco UCS Central Software Command Line Interface CVE-2017-12255 Command Injection Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100932

Cisco Unified Customer Voice Portal CVE-2017-12214 Remote Privilege Escalation Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100931

SANS News

Malspam pushing Word documents with Hancitor malware

Threatpost

Iranian APT33 Targets US Firms with Destructive Malware


Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

Malware Steals Data From Air-Gapped Network via Security Cameras

Exploit

 

21.9.2017

Bugtraq

 

Malware

Trojan.Famberp

Phishing

Netflix

20th September 2017

WALMART EGIFT CARD (INSIDE).

*****CONGRATULATION*****

19th September 2017

TODAY ONLY: Your $50 Amazon
gift card

Vulnerability

WordPress Prior to 4.8.2 Multiple Input Validation Security Vulnerabilities
2017-09-20
http://www.securityfocus.com/bid/100912

Git CVE-2017-1000117 Remote Command Injection Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100283

Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
2017-09-20
http://www.securityfocus.com/bid/100259

Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability
2017-09-20
http://www.securityfocus.com/bid/97581

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100829

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100609

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100612

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100901

Joomla! CVE-2017-14595 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100900

Joomla! CVE-2017-14596 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100898

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100897

Apple Safari and iOS CVE-2017-7085 Address Bar Spoofing Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100895

Apple Xcode Multiple Memory Corruption Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100894

WebKit Multiple Security Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100893

Apple iOS APPLE-SA-2017-09-19-1 Multiple Security Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100892

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100280

SANS News

Email attachment using CVE-2017-8759 exploit targets Argentina

Threatpost

What Triggers HTTPS Chrome Browser Warnings?

Malware Steals Data From Air-Gapped Network via Security Cameras

Deep-Learning PassGAN Tool Improves Password Guessing

Exploit

 

20.9.2017

Bugtraq

APPLE-SA-2017-09-19-1 iOS 11 2017-09-19
Apple Product Security (product-security-noreply lists apple com)

[slackware-security] httpd (SSA:2017-261-01) 2017-09-18
Slackware Security Team (security slackware com)

[slackware-security] libgcrypt (SSA:2017-261-02) 2017-09-18
Slackware Security Team (security slackware com)

[slackware-security] ruby (SSA:2017-261-03) 2017-09-18
Slackware Security Team (security slackware com)

Watchguard Fireware OS DOS & Stored XSS 2017-09-18
David Fernandez (david fdmv gmail com)

Malware

Exp.CVE-2017-8737

Exp.CVE-2017-8728

Exp.CVE-2017-8753

Exp.CVE-2017-8757

Exp.CVE-2017-8734

Exp.CVE-2017-8738

Exp.CVE-2017-8747

Exp.CVE-2017-8749

Phishing

Netflix

20th September 2017

WALMART EGIFT CARD (INSIDE).

*****CONGRATULATION*****

19th September 2017

TODAY ONLY: Your $50 Amazon
gift card

Santander Bank Plc

18th September 2017

Important Notice (New Online
Banking Authentication
Procedure)

Vulnerability

Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability
2017-09-20
http://www.securityfocus.com/bid/97581

Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100829

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100609

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100612

Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100901

Joomla! CVE-2017-14595 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100900

Joomla! CVE-2017-14596 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100898

Apache Tomcat CVE-2017-12616 Information Disclosure Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100897

Apple Safari and iOS CVE-2017-7085 Address Bar Spoofing Vulnerability
2017-09-19
http://www.securityfocus.com/bid/100895

Apple Xcode Multiple Memory Corruption Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100894

WebKit Multiple Security Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100893

Apple iOS APPLE-SA-2017-09-19-1 Multiple Security Vulnerabilities
2017-09-19
http://www.securityfocus.com/bid/100892

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100280

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100256

Apache HTTP Server CVE-2017-9798 Information Disclosure Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100872

Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100870

Moodle CVE-2017-12156 Cross Site Scripting Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100867

Moodle CVE-2017-12157 Information Disclosure Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100848

SANS News

Ongoing Ykcol (Locky) campaign

Threatpost

Cloud-Focused Firms Earn High Marks for Software Security in BSIMM8 Report

iOS 11 Update includes Patches for Eight Vulnerabilities

Risks Limited With Latest Apache Bug, Optionsbleed

Exploit

 

19.9.2017

Bugtraq

[slackware-security] httpd (SSA:2017-261-01) 2017-09-18
Slackware Security Team (security slackware com)

[slackware-security] libgcrypt (SSA:2017-261-02) 2017-09-18
Slackware Security Team (security slackware com)

[slackware-security] ruby (SSA:2017-261-03) 2017-09-18
Slackware Security Team (security slackware com)

Watchguard Fireware OS DOS & Stored XSS 2017-09-18
David Fernandez (david fdmv gmail com)

[SECURITY] [DSA 3978-1] gdk-pixbuf security update 2017-09-18
Moritz Muehlenhoff (jmm debian org)

ZK Time_Web Software 2.0 - Broken Authentication 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)

ZKTime_Web Software 2.0 - Cross Site Request Forgery 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)

[SECURITY] [DSA 3976-1] freexl security update 2017-09-17
Salvatore Bonaccorso (carnil debian org)

Malware

Python.Fakelib

Phishing

 

Vulnerability

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100280

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100256

Apache Solr CVE-2017-9803 Remote Privilege Escalation Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100870

Moodle CVE-2017-12156 Cross Site Scripting Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100867

Moodle CVE-2017-12157 Information Disclosure Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100848

SANS News

New tool: mac-robber.py

Threatpost

Pirate Bay Spotted Hosting Monero Cryptocurrency Miner

Exploit

 

18.9.2017

Bugtraq

ZK Time_Web Software 2.0 - Broken Authentication 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)

ZKTime_Web Software 2.0 - Cross Site Request Forgery 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)

[SECURITY] [DSA 3976-1] freexl security update 2017-09-17
Salvatore Bonaccorso (carnil debian org)

[slackware-security] kernel (SSA:2017-258-02) 2017-09-15
Slackware Security Team (security slackware com)

Malware

JS.Dosdeming
Trojan.Sibakdi

Phishing

HBL InternetBanking

18th September 2017

HBL InternetBanking User ID Is
Blocked.

Hulu Video

18th September 2017

WALMART EGIFT CARD (INSIDE).

Disable account apple

18th September 2017

Notice to Your AppleID

Vulnerability

Apache Tomcat CVE-2017-7674 Security Bypass Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100280

Apache Tomcat CVE-2017-7675 Directory Traversal Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100256

Moodle CVE-2017-12157 Information Disclosure Vulnerability
2017-09-18
http://www.securityfocus.com/bid/100848

VMware vCenter Server CVE-2017-4926 HTML Injection Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100844

Xen 'mm.c' Remote Privilege Escalation Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100819

Xen CVE-2017-14316 Arbitrary Code Execution Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100818

SANS News

Getting some intelligence from malspam

Threatpost

 

Exploit

 

17.9.2017

Bugtraq

 

Malware

 

Phishing

BMO

17th September 2017

-Action: Changes made in your
Internet Banking Profile-

Vulnerability

 

SANS News

rockNSM as a Incident Response Package

Threatpost

Rogue WordPress Plugin Allowed Spam Injection

VMware Patches Bug That Allows Guest to Execute Code on Host


Premium SMS Malware ‘ExpensiveWall’ Infects Millions of Android Devices

Exploit

 

15.9.2017

Bugtraq

 

Malware

 

Phishing

*****CONGRATULATION*****

15th September 2017

TODAY ONLY: Your $50 Amazon
gift card

Vulnerability

Xen 'mm.c' Remote Privilege Escalation Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100819

Xen CVE-2017-14316 Arbitrary Code Execution Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100818

Xen 'grant_table.c' Privilege Escalation Vulnerability
2017-09-15
http://www.securityfocus.com/bid/100817

Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97831

Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97818

Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97776

Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97765

Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97742

Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/97725

Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95588

Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95585

Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95571

Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95565

Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95560

Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95538

Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95520

Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95501

Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95491

Oracle MySQL CVE-2016-6664 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/93612

Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
2017-09-15
http://www.securityfocus.com/bid/95527

Microsoft Windows .NET Framework CVE-2017-8759 Remote Code Execution Vulnerability
2017-09-14
http://www.securityfocus.com/bid/100742

Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability
2017-09-14
http://www.securityfocus.com/bid/100744

MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
2017-09-14
http://www.securityfocus.com/bid/96162

Google Android CVE-2017-0781 Heap Buffer Overflow Vulnerability
2017-09-14
http://www.securityfocus.com/bid/100810

Python Ansible Vault Package CVE-2017-2809 Remote Code Execution Vulnerability
2017-09-14
http://www.securityfocus.com/bid/100824

LibOFX CVE-2017-2816 Stack Based Buffer Overflow Vulnerability
2017-09-13
http://www.securityfocus.com/bid/100828

Cisco Meeting Server CVE-2017-12249 Unauthorized Access Vulnerability
2017-09-13
http://www.securityfocus.com/bid/100821

Google Android Broadcom components Multiple Security Vulnerabilities
2017-09-12
http://www.securityfocus.com/bid/99482

SAP Point of Sale (POS) Retail Xpress Server Authentication Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/99531

SAP Note Assistant Unspecified Security Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100832

SANS News

 

Threatpost

Equifax Confirms March Struts Vulnerability Behind Breach

Premium SMS Malware ‘ExpensiveWall’ Infects Millions of Android Devices

Exploit

 

14.9.2017

Bugtraq

 

Malware

Exp.CVE-2017-8759

Android.Wirex

Phishing

 

Vulnerability

MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
2017-09-14
http://www.securityfocus.com/bid/96162

Google Android CVE-2017-0781 Heap Buffer Overflow Vulnerability
2017-09-14
http://www.securityfocus.com/bid/100810

Google Android Broadcom components Multiple Security Vulnerabilities
2017-09-12
http://www.securityfocus.com/bid/99482

Microsoft Windows .NET Framework CVE-2017-8759 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100742

SANS News

Another webshell, another backdoor!

Threatpost

Thousands of Elasticsearch Servers Hijacked to Host PoS Malware

Exploit

Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow

ICLowBidAuction 3.3 - SQL Injection

ICMLM 2.1 - 'key' Parameter SQL Injection

Mako Web Server 2.5 - Multiple Vulnerabilities

13.9.2017

Bugtraq

[slackware-security] emacs (SSA:2017-255-01) 2017-09-12
Slackware Security Team (security slackware com)

[slackware-security] libzip (SSA:2017-255-02) 2017-09-12
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3970-1] emacs24 security update 2017-09-12
Moritz Muehlenhoff (jmm debian org)

SEC Consult SA-20170912-0 :: Email verification bypass in SAP E-Recruiting 2017-09-12
SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] bash (SSA:2017-251-01) 2017-09-08
Slackware Security Team (security slackware com)

[slackware-security] mariadb (SSA:2017-251-02) 2017-09-08
Slackware Security Team (security slackware com)

Malware

 

Phishing

*****CONGRATULATION*****

13th September 2017

TODAY ONLY: Your $50 Amazon
gift card

Apple ID has been locked your

13th September 2017

YOUR ACCOUNT INFORMATION

Lloyds Bank

12th September 2017

IMPORTANT ACCOUNT NOTICE
INFORMATION

Vulnerability

Google Android Broadcom components Multiple Security Vulnerabilities
2017-09-12
http://www.securityfocus.com/bid/99482

Microsoft Windows .NET Framework CVE-2017-8759 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100742

SAP Point of Sale (POS) Retail Xpress Server Authentication Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/99531

Microsoft Windows Hyper-V CVE-2017-8713 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100796

Microsoft Windows Hyper-V CVE-2017-8712 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100795

Microsoft Windows Hyper-V CVE-2017-8711 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100794

Microsoft Windows CVE-2017-8710 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100793

Microsoft Windows Kernel CVE-2017-8709 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100792

Microsoft Windows Kernel CVE-2017-8708 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100791

Microsoft Windows Hyper-V CVE-2017-8707 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100790

Microsoft Windows Hyper-V CVE-2017-8706 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100789

Microsoft Windows Hyper-V CVE-2017-8704 Remote Denial of Service Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100787

Microsoft Windows Error Reporting CVE-2017-8702 Remote Privilege Escalation Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100785

SAP Netweaver Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100784

Microsoft Windows Shell CVE-2017-8699 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100783

Microsoft Windows GDI+ Component CVE-2017-8684 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100782

Microsoft Windows Graphics Component CVE-2017-8683 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100781

Microsoft Windows Graphics Component CVE-2017-8696 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100780

Microsoft Edge Content Security Policy CVE-2017-8754 Security Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100779

Microsoft Edge Scripting Engine CVE-2017-8755 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100778

Microsoft Edge CVE-2017-8724 Spoofing Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100777

Microsoft Edge Scripting Engine CVE-2017-8753 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100776

Microsoft Edge Scripting Engine CVE-2017-8752 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100775

Microsoft Windows Graphics Component CVE-2017-8695 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100773

Microsoft Windows Graphics Component CVE-2017-8682 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100772

Microsoft Internet Explorer and Edge CVE-2017-8750 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100771

Microsoft Internet Explorer CVE-2017-8749 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100770

Microsoft Windows Kernel 'Win32k.sys' CVE-2017-8678 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100769

Microsoft Edge Content Security Policy CVE-2017-8723 Security Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100768

Microsoft Windows GDI+ Component CVE-2017-8677 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100767
 

Microsoft Internet Explorer and Edge CVE-2017-8748 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100766

Microsoft Internet Explorer CVE-2017-8747 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100765

Microsoft Internet Explorer and Edge CVE-2017-8741 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100764

Microsoft Edge Scripting Engine CVE-2017-8740 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100763

Microsoft Windows Uniscribe CVE-2017-8692 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100762

Microsoft Edge Scripting Engine CVE-2017-8739 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100761

Microsoft Windows Device Guard CVE-2017-8746 Local Security Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100760

Microsoft Edge Scripting Engine CVE-2017-8738 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100759

Microsoft Office Publisher CVE-2017-8725 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100758

Microsoft Edge Scripting Engine CVE-2017-8660 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100757

Microsoft Windows GDI+ Component CVE-2017-8688 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100756

Microsoft Windows Graphics Device Interface CVE-2017-8676 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100755

Microsoft Edge Scripting Engine CVE-2017-8649 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100754

Microsoft SharePoint CVE-2017-8745 Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100753

Microsoft Windows Kernel 'Win32k.sys' CVE-2017-8675 Local Privilege Escalation Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100752

Microsoft Office CVE-2017-8631 Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100751

Microsoft Edge CVE-2017-8648 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100750

Microsoft Windows PDF CVE-2017-8737 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100749

Microsoft Office CVE-2017-8744 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100748

Microsoft Edge CVE-2017-8643 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100747

Microsoft PowerPoint CVE-2017-8743 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100746

Microsoft Edge CVE-2017-8597 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100745

Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100744

Microsoft Internet Explorer and Edge CVE-2017-8736 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100743

Microsoft PowerPoint CVE-2017-8742 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100741

Microsoft Edge CVE-2017-8735 Spoofing Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100740

Microsoft Windows PDF CVE-2017-8728 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100739

Microsoft Edge CVE-2017-8734 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100738

Microsoft Internet Explorer CVE-2017-8733 Spoofing Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100737

Microsoft Windows Kernel CVE-2017-8687 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100736

Microsoft Edge CVE-2017-8731 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100735

Microsoft Office CVE-2017-8632 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100734

Microsoft Edge Scripting Engine CVE-2017-8729 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100733

Microsoft Office CVE-2017-8630 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100732

Microsoft Exchange Server CVE-2017-11761 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100731

Microsoft Windows DHCP Server CVE-2017-8686 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100730

Microsoft Edge CVE-2017-11766 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100729

Microsoft Windows NetBIOS CVE-2017-0161 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100728

Microsoft Windows GDI+ Component CVE-2017-8681 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100727

Microsoft Edge Scripting Engine CVE-2017-11764 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100726

Microsoft SharePoint Server CVE-2017-8629 Remote Privilege Escalation Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100725

Microsoft Windows GDI+ CVE-2017-8685 Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100724

Microsoft Exchange Server CVE-2017-8758 Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100723

Microsoft Windows GDI+ Component CVE-2017-8680 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100722

Microsoft Edge CVE-2017-8757 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100721

Microsoft Windows Kernel CVE-2017-8679 Local Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100720

Microsoft Office CVE-2017-8567 Remote Code Execution Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100719

Microsoft Edge Scripting Engine CVE-2017-8756 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100718

SAP NetWeaver Adapter Engine Cache Monitor Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100717

Adobe Flash Player CVE-2017-11282 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100716

Adobe Coldfusion CVE-2017-11286 XML External Entity Information Disclosure Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100715

SAP NetWeaver 'SLC Sell Side Registration Page' Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100714

SAP Point of Sale (POS) Retail Xpress Server Authentication Bypass Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100713

SAP Electronic Ledger Management for Turkey Cross Site Request Forgery Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100712

Adobe ColdFusion CVE-2017-11285 Unspecified Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100711

Adobe Flash Player CVE-2017-11281 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100710

Adobe RoboHelp CVE-2017-3105 Open Redirect Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100709

Adobe ColdFusion APSB17-30 Deserialization Multiple Remote Code Execution Vulnerabilities
2017-09-12
http://www.securityfocus.com/bid/100708

Adobe RoboHelp CVE-2017-3104 Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100707

SANS News

Microsoft Patch Tuesday September 2017

No IPv6? Challenge Accepted! (Part 1)

Threatpost

Microsoft Patches .NET Zero Day Vulnerability in September Update

Adobe Fixes Eight Vulnerabilities in Flash, RoboHelp, ColdFusion

Exploit

Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit)

ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow (Metasploit)

Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow (Metasploit)

Sielco Sistemi Winlog 2.07.16 - Buffer Overflow (Metasploit)

Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure...

Motorola Netopia Netoctopus SDCS - Stack Buffer Overflow (Metasploit)

Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow

WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization

Mako Web Server 2.5 - Multiple Vulnerabilities

ICLowBidAuction 3.3 - SQL Injection

ICMLM 2.1 - 'key' Parameter SQL Injection

ICHotelReservation 3.3 - 'key' Parameter SQL Injection

ICAuction 2.2 - 'id' Parameter SQL Injection

ICDoctor Appointment 1.3 - 'key' Parameter SQL Injection

ICRestaurant software 1.4 - 'key' Parameter SQL Injection

ICDutchAuction 1.2 - SQL Injection

12.9.2017

Bugtraq

 

Malware

 

Phishing

Lloyds Bank

12th September 2017

IMPORTANT ACCOUNT NOTICE
INFORMATION

Amazon Customer Service

11th September 2017

AMAZON - TAKE OUR 60 SEC
SURVEY FOR A CHANCE TO WIN A
$1,000 SHOPPING SPREE ON US!

Vulnerability

SAP Electronic Ledger Management for Turkey Cross Site Request Forgery Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100712

Adobe ColdFusion CVE-2017-11285 Unspecified Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100711

Adobe Flash Player CVE-2017-11281 Remote Memory Corruption Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100710

Adobe RoboHelp CVE-2017-3105 Open Redirect Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100709

Adobe ColdFusion APSB17-30 Deserialization Multiple Remote Code Execution Vulnerabilities
2017-09-12
http://www.securityfocus.com/bid/100708

Adobe RoboHelp CVE-2017-3104 Cross Site Scripting Vulnerability
2017-09-12
http://www.securityfocus.com/bid/100707

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100609

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100612

FFmpeg 'libavutil/pixdesc.c' NULL pointer Dereference Remote Denial of Service Vulnerability
2017-09-09
http://www.securityfocus.com/bid/100704

EMC AppSync CVE-2017-8015 SQL Injection Vulnerability
2017-09-09
http://www.securityfocus.com/bid/100683

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/65155

FFmpeg 'libavformat/asfdec_f.c' Denial of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/100703

ImageMagick CVE-2017-14224 Heap Buffer Overflow Vulnerability
2017-09-08
http://www.securityfocus.com/bid/100702

FFmpeg 'libavformat/mov.c' Denial of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/100701

IBM DB2 CVE-2017-1520 Security Bypass Vulnerability
2017-09-08
http://www.securityfocus.com/bid/100684

Das U-Boot Security Weakness and Information Disclosure Vulnerabilities
2017-09-08
http://www.securityfocus.com/bid/100675

Oracle Java SE CVE-2017-10089 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99659

Oracle Database Server CVE-2012-1746 Remote Network Layer Vulnerability
2017-09-07
http://www.securityfocus.com/bid/54507

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99703

Mahara Resume Blocktype Cross Site Scripting Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36892

Oracle CVE-2010-3534 Local Primavera P6 Enterprise Project Portfolio Management
2017-09-07
http://www.securityfocus.com/bid/44019

Oracle Document Capture CVE-2010-3592 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45871

Oracle Transportation Manager CVE-2010-4432 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45875

Mahara Admin Password Reset Security Bypass Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36893

Oracle Fusion Middleware CVE-2010-3501 Remote OID Vulnerability
2017-09-07
http://www.securityfocus.com/bid/43995

Oracle Supply Chain Product CVE-2010-4429 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45860

Oracle Supply Chain Product CVE-2010-3505 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45872

Oracle Oracle Enterprise Manager Grid Control CVE-2011-0875 Remote EMCTL Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48760

Oracle Sun Java System Portal Server CVE-2010-4431 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45898

SANS News

 

Threatpost

FreeXL Library Fixes Two Remote Code Execution Vulnerabilities


Apache Foundation Refutes Involvement in Equifax Breach

Exploit

tcprewrite - Heap-Based Buffer Overflow

PHP Dashboards NEW 4.4 - Arbitrary File Read

PHP Dashboards NEW 4.4 - SQL Injection

JobStar Monster Clone Script 1.0 - SQL Injection

iTech Book Store Script 2.02 - SQL Injection

Docker Daemon - Unprotected TCP Socket (Metasploit)

Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin)

FiberHome ADSL AN1020-25 - Improper Access Restrictions

WiseGiga NAS - Multiple Vulnerabilities

11.9.2017

Bugtraq

 

Malware

 

Phishing

Amazon Customer Service

11th September 2017

AMAZON - TAKE OUR 60 SEC
SURVEY FOR A CHANCE TO WIN A
$1,000 SHOPPING SPREE ON US!

kaminanga on behalf of Bank C

9th September 2017

You recieved money on your
account!

iTunes

9th September 2017

NEW STATEMENT RECEIPT ORDER ID
: IN63483482469 DOCUMENT NO
:575255676567

Vulnerability

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100609

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100611

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-10
http://www.securityfocus.com/bid/100612

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/65155

Das U-Boot Security Weakness and Information Disclosure Vulnerabilities
2017-09-08
http://www.securityfocus.com/bid/100675

Oracle Java SE CVE-2017-10089 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99659

Oracle Database Server CVE-2012-1746 Remote Network Layer Vulnerability
2017-09-07
http://www.securityfocus.com/bid/54507

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99703

Mahara Resume Blocktype Cross Site Scripting Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36892

Oracle CVE-2010-3534 Local Primavera P6 Enterprise Project Portfolio Management
2017-09-07
http://www.securityfocus.com/bid/44019

Oracle Document Capture CVE-2010-3592 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45871

Oracle Transportation Manager CVE-2010-4432 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45875

Mahara Admin Password Reset Security Bypass Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36893

Oracle Fusion Middleware CVE-2010-3501 Remote OID Vulnerability
2017-09-07
http://www.securityfocus.com/bid/43995

Oracle Supply Chain Product CVE-2010-4429 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45860

Oracle Supply Chain Product CVE-2010-3505 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45872

Oracle Oracle Enterprise Manager Grid Control CVE-2011-0875 Remote EMCTL Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48760

Oracle Sun Java System Portal Server CVE-2010-4431 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45898

Oracle Sun Solaris CVE-2011-3542 Local Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50244

Oracle PeopleSoft Enterprise FIN CVE-2011-2250 Remote PeopleSoft Enterprise FIN Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48778

Oracle Sun Solaris CVE-2010-3586 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45903

Oracle PeopleSoft Products CVE-2011-3533 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50249

Oracle Spatial CVE-2010-3590 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45880

Oracle PeopleSoft Products CVE-2011-2315 Remote PeopleSoft Enterprise PeopleTools Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50263

Oracle Fusion Middleware CVE-2012-0522 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53053

Oracle Outside In Technology CVE-2012-0557 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53054

Oracle Sun Products Suite CVE-2011-3507 Remote Oracle Communications Unified Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50264

Oracle E-Business Suite CVE-2012-0513 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53055

Oracle PeopleSoft CVE-2011-3529 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50267

Oracle Sun Products Suite CVE-2011-2292 Local Solaris Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50268

SANS News

Windows Auditing with WINspect

Threatpost

Popular D-Link Router Riddled with Vulnerabilities

Exploit

Linux/ARM (Raspberry Pi) - Reverse TCP Shell (192.168.0.12:4444/TCP) Shellcode (160...

Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)

Escort Marketplace 1.0 - SQL Injection

Babysitter Website Script 1.0 - SQL Injection

Job Board Software 1.0 - SQL Injection

RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities

Just Dial Marketplace 1.0 - SQL Injection

Online Print Business 1.0 - SQL Injection

Professional Service Booking 1.0 - SQL Injection

10.9.2017

Bugtraq

[SECURITY] [DSA 3967-1] mbedtls security update 2017-09-08
Salvatore Bonaccorso (carnil debian org)

Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol 2017-09-07
Pierre Kim (pierre kim sec gmail com)

August 2017 - SourceTree - Critical Security Advisory 2017-09-06
David Black (dblack atlassian com)

Malware

 

Phishing

Outlook.com team

9th September 2017

Re-confirm Your E-mail
paulhammon@hotmail.com

iTunes Store

8th September 2017

NEW STATMENT RECEIPT ORDER ID
: IN83486438369 DOCUMENT NO
:165153293544
 

Vulnerability

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/65155

Das U-Boot Security Weakness and Information Disclosure Vulnerabilities
2017-09-08
http://www.securityfocus.com/bid/100675

Oracle Java SE CVE-2017-10089 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99659

Oracle Database Server CVE-2012-1746 Remote Network Layer Vulnerability
2017-09-07
http://www.securityfocus.com/bid/54507

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99703

Mahara Resume Blocktype Cross Site Scripting Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36892

Oracle CVE-2010-3534 Local Primavera P6 Enterprise Project Portfolio Management
2017-09-07
http://www.securityfocus.com/bid/44019

Oracle Document Capture CVE-2010-3592 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45871

Oracle Transportation Manager CVE-2010-4432 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45875

Mahara Admin Password Reset Security Bypass Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36893

Oracle Fusion Middleware CVE-2010-3501 Remote OID Vulnerability
2017-09-07
http://www.securityfocus.com/bid/43995

Oracle Supply Chain Product CVE-2010-4429 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45860

Oracle Supply Chain Product CVE-2010-3505 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45872

Oracle Oracle Enterprise Manager Grid Control CVE-2011-0875 Remote EMCTL Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48760

Oracle Sun Java System Portal Server CVE-2010-4431 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45898

Oracle Sun Solaris CVE-2011-3542 Local Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50244

Oracle PeopleSoft Enterprise FIN CVE-2011-2250 Remote PeopleSoft Enterprise FIN Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48778

Oracle Sun Solaris CVE-2010-3586 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45903

Oracle PeopleSoft Products CVE-2011-3533 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50249

Oracle Spatial CVE-2010-3590 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45880

Oracle PeopleSoft Products CVE-2011-2315 Remote PeopleSoft Enterprise PeopleTools Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50263

Oracle Fusion Middleware CVE-2012-0522 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53053

Oracle Outside In Technology CVE-2012-0557 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53054

Oracle Sun Products Suite CVE-2011-3507 Remote Oracle Communications Unified Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50264

Oracle E-Business Suite CVE-2012-0513 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53055

Oracle PeopleSoft CVE-2011-3529 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50267

Oracle Sun Products Suite CVE-2011-2292 Local Solaris Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50268

Oracle Outside In Technology CVE-2012-0555 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53070

Oracle Database Server CVE-2012-0519 Remote Core RDBMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53072

Oracle Identity Manager CVE-2012-0532 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53060

SANS News

YASRV (Yet Another Struts RCE Vulnerability) yes a different one from yesterday

Malware analysis output sanitization

Threatpost

Android Users Vulnerable to ‘High-Severity’ Overlay Attacks

Exploit

 

8.9.2017

Bugtraq

Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol 2017-09-07
Pierre Kim (pierre kim sec gmail com)

August 2017 - SourceTree - Critical Security Advisory 2017-09-06
David Black (dblack atlassian com)

[SECURITY] [DSA 3965-1] file security update 2017-09-05
Salvatore Bonaccorso (carnil debian org)

Malware

VBS.Forbiks

Phishing

**Amazon Prime** _

7th September 2017

***Final Notice: Amazon
Rewards expiring soon!** _

ANZ BANK

7th September 2017

CUSTOMER SUPPORT SECURITY
NOTIFICATION

ANZ BANK

6th September 2017

ACCOUNT SECURITY NOTIFICATION

Vulnerability

Openswan IKEv2 payloads Remote Denial Of Service Vulnerability
2017-09-08
http://www.securityfocus.com/bid/65155

Oracle Java SE CVE-2017-10089 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99659

Oracle Database Server CVE-2012-1746 Remote Network Layer Vulnerability
2017-09-07
http://www.securityfocus.com/bid/54507

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/99703

Mahara Resume Blocktype Cross Site Scripting Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36892

Oracle CVE-2010-3534 Local Primavera P6 Enterprise Project Portfolio Management
2017-09-07
http://www.securityfocus.com/bid/44019

Oracle Document Capture CVE-2010-3592 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45871

Oracle Transportation Manager CVE-2010-4432 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45875

Mahara Admin Password Reset Security Bypass Vulnerability
2017-09-07
http://www.securityfocus.com/bid/36893

Oracle Fusion Middleware CVE-2010-3501 Remote OID Vulnerability
2017-09-07
http://www.securityfocus.com/bid/43995

Oracle Supply Chain Product CVE-2010-4429 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45860

Oracle Supply Chain Product CVE-2010-3505 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45872

Oracle Oracle Enterprise Manager Grid Control CVE-2011-0875 Remote EMCTL Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48760

Oracle Sun Java System Portal Server CVE-2010-4431 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45898

Oracle Sun Solaris CVE-2011-3542 Local Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50244

Oracle PeopleSoft Enterprise FIN CVE-2011-2250 Remote PeopleSoft Enterprise FIN Vulnerability
2017-09-07
http://www.securityfocus.com/bid/48778

Oracle Sun Solaris CVE-2010-3586 Local Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45903

Oracle PeopleSoft Products CVE-2011-3533 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50249

Oracle Spatial CVE-2010-3590 Remote Security Vulnerability
2017-09-07
http://www.securityfocus.com/bid/45880

Oracle PeopleSoft Products CVE-2011-2315 Remote PeopleSoft Enterprise PeopleTools Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50263

Oracle Fusion Middleware CVE-2012-0522 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53053

Oracle Outside In Technology CVE-2012-0557 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53054

Oracle Sun Products Suite CVE-2011-3507 Remote Oracle Communications Unified Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50264

Oracle E-Business Suite CVE-2012-0513 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53055

Oracle PeopleSoft CVE-2011-3529 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50267

Oracle Sun Products Suite CVE-2011-2292 Local Solaris Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50268

Oracle Outside In Technology CVE-2012-0555 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53070

Oracle Database Server CVE-2012-0519 Remote Core RDBMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53072

Oracle Identity Manager CVE-2012-0532 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53060

Oracle E-Business Suite CVE-2012-0542 Remote Oracle iStore Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53068

SANS News

Equifax breach

YASRV (Yet Another Struts RCE Vulnerability) yes a different one from yesterday

Threatpost

New Dridex Phishing Campaign Delivers Fake Accounting Invoices

Microsoft Won’t Fix Security Bypass Vulnerability in Edge

Exploit

EzBan 5.3 - 'id' Parameter SQL Injection

EzInvoice 6.02 - SQL Injection

Roteador Wireless Intelbras WRN150 - Cross-Site Scripting

Huawei HG255s - Directory Traversal

7.9.2017

Bugtraq

August 2017 - SourceTree - Critical Security Advisory 2017-09-06
David Black (dblack atlassian com)

[SECURITY] [DSA 3965-1] file security update 2017-09-05
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPESBUX03772 rev.1 - HP-UX BIND Service Running Named, Multiple Vulnerabilities 2017-09-05
security-alert hpe com

CVE-2017-11567 Mongoose Web Server v6.5 CSRF Command Execution ( apparitionsec @ gmail / hyp3rlinx ) 2017-09-05
apparitionsec gmail com

Malware

 

Phishing

ANZ BANK

7th September 2017

CUSTOMER SUPPORT SECURITY
NOTIFICATION

ANZ BANK

6th September 2017

ACCOUNT SECURITY NOTIFICATION

iTunes Payments

5th September 2017

NEW STATMENT RECIPT] YOUR
ORDER IS COMFIRMED ORDER ID :
IN83486432569,DOCUMENT NO
:165153576544

Vulnerability

Oracle PeopleSoft Products CVE-2011-2315 Remote PeopleSoft Enterprise PeopleTools Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50263

Oracle Fusion Middleware CVE-2012-0522 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53053

Oracle Outside In Technology CVE-2012-0557 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53054

Oracle Sun Products Suite CVE-2011-3507 Remote Oracle Communications Unified Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50264

Oracle E-Business Suite CVE-2012-0513 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53055

Oracle PeopleSoft CVE-2011-3529 Remote PeopleSoft Enterprise HRMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50267

Oracle Sun Products Suite CVE-2011-2292 Local Solaris Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50268

Oracle Outside In Technology CVE-2012-0555 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53070

Oracle Database Server CVE-2012-0519 Remote Core RDBMS Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53072

Oracle Identity Manager CVE-2012-0532 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53060

Oracle E-Business Suite CVE-2012-0542 Remote Oracle iStore Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53068

Oracle E-Business Suite CVE-2012-0537 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53066

Oracle E-Business Suite CVE-2012-0535 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53059

Oracle Outside In Technology CVE-2012-0554 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53069

Oracle Outside In Technology CVE-2012-0556 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53087

Oracle Database Server CVE-2012-1708 Remote Application Express Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53104

Oracle Database Server CVE-2012-0520 Remote Enterprise Manager Base Platform Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53081

Oracle FLEXCUBE Universal Bank CVE-2012-0571 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53103

Oracle BI Publisher CVE-2012-0543 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53083

Oracle FLEXCUBE Direct Banking CVE-2012-1707 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53107

Oracle Identity Manager Connector CVE-2012-0515 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53079

Oracle FLEXCUBE Universal Banking CVE-2012-0567 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53114

Oracle FLEXCUBE Universal Banking CVE-2012-0545 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53122

Oracle FLEXCUBE Universal Banking CVE-2012-0575 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53111

Oracle FLEXCUBE Direct Banking CVE-2012-0576 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53113

Oracle FLEXCUBE Direct Banking CVE-2012-1706 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53116

Oracle Solaris CVE-2012-1698 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53128

Oracle FLEXCUBE Universal Banking CVE-2012-0546 Remote Vulnerability
2017-09-07
http://www.securityfocus.com/bid/53108

Oracle E-Business Suite CVE-2011-2303 Remote Oracle Application Object Library Vulnerability
2017-09-07
http://www.securityfocus.com/bid/50225

Oracle Supply Chain Products Suite CVE-2011-3532 Remote Oracle Agile Product Supplier Collaboration
2017-09-07
http://www.securityfocus.com/bid/50227

SANS News

Modern Web Application Penetration Testing, Hash Length Extension Attacks

Threatpost

Tor Project Brings Security Slider Feature to Android App Orfox

IDN Homograph Attack Spreading Betabot Backdoor

13 Critical Remote Code Execution Bugs Fixed in September Android Update

Exploit

Apache Struts 2.5 - Remote Code Execution

Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting

Gh0st Client - Buffer Overflow (Metasploit)

Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting

Online Invoice System 3.0 - SQL Injection

6.9.2017

Bugtraq

August 2017 - SourceTree - Critical Security Advisory 2017-09-06
David Black (dblack atlassian com)

[SECURITY] [DSA 3965-1] file security update 2017-09-05
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPESBUX03772 rev.1 - HP-UX BIND Service Running Named, Multiple Vulnerabilities 2017-09-05
security-alert hpe com

CVE-2017-11567 Mongoose Web Server v6.5 CSRF Command Execution ( apparitionsec @ gmail / hyp3rlinx ) 2017-09-05
apparitionsec gmail com

Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability 2017-09-04
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3963-1] mercurial security update 2017-09-04
Sebastien Delafond (seb debian org)

Malware

 

Phishing

 

Vulnerability

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
2017-09-06
http://www.securityfocus.com/bid/100609

TYPO3 'fileDenyPattern' Arbitrary Code Execution Vulnerability
2017-09-06
http://www.securityfocus.com/bid/100620

GNU glibc CVE-2017-1000366 Local Memory Corruption Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99127

Sudo CVE-2017-1000368 Incomplete Fix Local Privilege Escalation Vulnerability
2017-09-05
http://www.securityfocus.com/bid/98838

Linux Kernel CVE-2017-1000364 Local Memory Corruption Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99130

Linux Kernel 'net/ipv6/output_core.c' Local Denial of Service Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99953

Oracle Java SE CVE-2017-10193 Remote Security Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99854

TYPO3 Information Disclosure Vulnerability
2017-09-05
http://www.securityfocus.com/bid/100621

TYPO3 Unspecified Cross Site Scripting Vulnerability
2017-09-05
http://www.securityfocus.com/bid/100616

Apache Struts CVE-2017-9804 Incomplete Fix Denial of Service Vulnerability
2017-09-05
http://www.securityfocus.com/bid/100612

Apache Struts CVE-2017-9793 Denial of Service Vulnerability
2017-09-05
http://www.securityfocus.com/bid/100611

Google Chrome Prior to 61.0.3163.79 Multiple Security Vulnerabilities
2017-09-05
http://www.securityfocus.com/bid/100610

TYPO3 User Permission Handling Information Disclosure Vulnerability
2017-09-05
http://www.securityfocus.com/bid/100568

GNU Binutils CVE-2017-14130 Heap Buffer Overflow Vulnerability
2017-09-04
http://www.securityfocus.com/bid/100625

OpenJPEG CVE-2017-14040 Memory Corruption Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100553

OpenJPEG 'bin/jp2/convert.c' Remote Stack Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100555

OpenJPEG 'mqc.c' Remote Heap Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100564

RubyGems CVE-2017-0901 Local Arbitrary File Overwrite Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100580

RubyGems CVE-2017-0900 Denial of Service Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100579

Openstack instack-undercloud CVE-2017-7549 Insecure Temporary File Handling Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100407

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-08-31
http://www.securityfocus.com/bid/99623

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-08-31
http://www.securityfocus.com/bid/97948

FFmpeg CVE-2017-14058 Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100629

FFmpeg CVE-2017-14056 Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100628

FFmpeg 'libavformat/rmdec.c' Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100627

FFmpeg CVE-2017-14055 Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100626

Palo Alto Networks PAN-OS CVE-2017-12416 Cross Site Scripting Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100619

Pivotal Single Sign-On for PCF CVE-2017-8044 Cross Site Scripting Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100618

Pivotal Single Sign-On for PCF CVE-2017-8040 XML External Entity Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100617

Pivotal Single Sign-On for PCF CVE-2017-8041 Cross Site Scripting Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100615

SANS News

Struts vulnerability patch released by apache, patch now

The Mirai Botnet: A Look Back and Ahead At What's Next

Threatpost

Patch Released for Critical Apache Struts Bug

Four Million Time Warner Cable Records Left on Misconfigured AWS S3

Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3

Exploit

Cory Support - 'pr' Parameter SQL Injection

Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin)

Pay Banner Text Link Ad 1.0.6.1 - Cross-Site Request Forgery (Update Admin)

Pay Banner Text Link Ad 1.0.6.1 - SQL Injection

Jungo DriverWizard WinDriver - Kernel Pool Overflow

Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation

Tor - Linux Sandbox Breakout via X11

Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution

A2billing 2.x - Backup File Download / Remote Code Execution

iGreeting Cards 1.0 - SQL Injection

WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting

The Car Project 1.0 - SQL Injection

5.9.2017

Bugtraq

CVE-2017-11567 Mongoose Web Server v6.5 CSRF Command Execution ( apparitionsec @ gmail / hyp3rlinx ) 2017-09-05
apparitionsec gmail com

Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability 2017-09-04
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3963-1] mercurial security update 2017-09-04
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3962-1] strongswan security update 2017-09-03
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3961-1] libgd2 security update 2017-09-03
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information 2017-08-31
security-alert hpe com

[security bulletin] HPESBGN03767 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-08-31
security-alert hpe com

[SECURITY] [DSA 3957-1] ffmpeg security update 2017-08-28
Luciano Bello (luciano debian org)

Malware

 

Phishing

iTunes Payments

5th September 2017

NEW STATMENT RECIPT] YOUR
ORDER IS COMFIRMED ORDER ID :
IN83486432569,DOCUMENT NO
:165153576544

NotificationFacebook

4th September 2017

Your 2 unread messages will be
deleted in a few days flirt

Vulnerability

Linux Kernel 'net/ipv6/output_core.c' Local Denial of Service Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99953

Oracle Java SE CVE-2017-10193 Remote Security Vulnerability
2017-09-05
http://www.securityfocus.com/bid/99854

OpenJPEG CVE-2017-14040 Memory Corruption Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100553

OpenJPEG 'bin/jp2/convert.c' Remote Stack Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100555

OpenJPEG 'mqc.c' Remote Heap Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100564

RubyGems CVE-2017-0901 Local Arbitrary File Overwrite Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100580

SANS News

It is a resume - Part 2

The Mirai Botnet: A Look Back and Ahead At What's Next

Threatpost

 

Exploit

Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution

A2billing 2.x - Backup File Download / Remote Code Execution

iGreeting Cards 1.0 - SQL Injection

WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting

The Car Project 1.0 - SQL Injection

Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection

4.9.2017

Bugtraq

 

Malware

 

Phishing

MBNA Credit Card

4th September 2017

Your Lastest MBNA credit card
statement

Vulnerability

 

SANS News

It is a resume - Part 1

Threatpost

 

Exploit

FineCMS 1.0 - Multiple Vulnerabilities

Lotus Notes Diagnostic Tool 8.5/9.0 - Privilege Escalation

IBM Notes 8.5.x/9.0.x - Denial of Service (2)

IBM Notes 8.5.x/9.0.x - Denial of Service

Wireless Repeater BE126 - Remote Code Execution

Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery

Wireless Repeater BE126 - Remote Code Execution

RubyGems < 2.6.13 - Arbitrary File Overwrite

Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow

3.9.2017

Bugtraq

 

Malware

 

Phishing

DocuSign

2nd September 2017

Docusign Notifications-

Accounts

1st September 2017

You have 2 unread messages
that will be deleted in a few
days satisfied

Nationwide

30th August 2017

Online Account Disabled:
30/08/2017

Vulnerability

OpenJPEG CVE-2017-14040 Memory Corruption Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100553

OpenJPEG 'bin/jp2/convert.c' Remote Stack Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100555

OpenJPEG 'mqc.c' Remote Heap Based Buffer Overflow Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100564

RubyGems CVE-2017-0901 Local Arbitrary File Overwrite Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100580

RubyGems CVE-2017-0900 Denial of Service Vulnerability
2017-09-01
http://www.securityfocus.com/bid/100579

Openstack instack-undercloud CVE-2017-7549 Insecure Temporary File Handling Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100407

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-08-31
http://www.securityfocus.com/bid/99623

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-08-31
http://www.securityfocus.com/bid/97948

RubyGems CVE-2017-0899 Security Bypass Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100576

Siemens 7KM PAC Switched Ethernet PROFINET Expansion Module Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100562

Multiple Siemens Products CVE-2017-12069 XML External Entity Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100559

Multiple Automated Logic Corporation CVE-2016-5795 XML External Entity Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100558

Moxa SoftCMS CVE-2017-50137 SQL Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100557

libgcrypt CVE-2017-0379 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100503

GraphicsMagick CVE-2017-13777 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100575

GraphicsMagick CVE-2017-13776 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100574

OpenJPEG 'pi.c' Divide-By-Zero Multiple Denial of Service Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100573

Linux Kernel CVE-2017-14051 Local Integer Overflow Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100571

GraphicsMagick CVE-2017-13775 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100570

ImageMagick CVE-2017-13768 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100569

OpenJPEG CVE-2016-10507 Local Integer Overflow Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100567

Multiple OPW Products ICSA-17-243-04 SQL Injection and Authentication Bypass Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100563

Siemens LOGO!8 BM CVE-2017-12735 Man in the Middle Security Bypass Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100561

Siemens LOGO!8 BM CVE-2017-12734 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100560

Drupal H5P module Module DRUPAL-SA-CONTRIB-2017-071 Cross Site Scripting Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100548

Ledger CLI CVE-2017-2808 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100546

Wireshark Modbus Dissector CVE-2017-13764 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100545

Drupal 'Commerce Invoices' Module SQL Injection and Cross-Site Scripting Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100544

Ledger CLI CVE-2017-2807 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100543

gdk-pixbuf Integer Overflow and Heap Based Buffer Overflow Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100541

SANS News

AutoIT based malware back in the wild

Threatpost

‘HoeflerText’ Popups Target Browsers With RAT and Locky Ransomware

No Fix Planned For LabVIEW Bug, Says National Instruments


US Government Site Was Hosting Ransomware

Exploit

Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass

OpenJPEG - 'mqc.c' Heap-Based Buffer Overflow

FineCMS 1.0 - Multiple Vulnerabilities

IBM Notes 8.5.x/9.0.x - Denial of Service

1.9.2017

Bugtraq

[security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information 2017-08-31
security-alert hpe com

[security bulletin] HPESBGN03767 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-08-31
security-alert hpe com

[SECURITY] [DSA 3957-1] ffmpeg security update 2017-08-28
Luciano Bello (luciano debian org)

[security bulletin] HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code Execution 2017-08-28
HPE Product Security Response Team (security-alert hpe com)

[SECURITY] [DSA 3956-1] connman security update 2017-08-27
Luciano Bello (luciano debian org)

Malware

Backdoor.Vodiboti

Ransom.Lukitus

Trojan.Turbear

Trojan.Downblocker

Phishing

Accounts

1st September 2017

You have 2 unread messages
that will be deleted in a few
days satisfied

Nationwide

30th August 2017

Online Account Disabled:
30/08/2017

Vulnerability

Openstack instack-undercloud CVE-2017-7549 Insecure Temporary File Handling Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100407

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-08-31
http://www.securityfocus.com/bid/99623

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-08-31
http://www.securityfocus.com/bid/97948

Siemens 7KM PAC Switched Ethernet PROFINET Expansion Module Denial of Service Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100562

Multiple Siemens Products CVE-2017-12069 XML External Entity Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100559

Multiple Automated Logic Corporation CVE-2016-5795 XML External Entity Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100558

Moxa SoftCMS CVE-2017-50137 SQL Injection Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100557

libgcrypt CVE-2017-0379 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100503

OpenJPEG 'mqc.c' Remote Heap Based Buffer Overflow Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100564

Multiple OPW Products ICSA-17-243-04 SQL Injection and Authentication Bypass Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100563

Siemens LOGO!8 BM CVE-2017-12735 Man in the Middle Security Bypass Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100561

Siemens LOGO!8 BM CVE-2017-12734 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100560

OpenJPEG CVE-2017-14040 Memory Corruption Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100553

Drupal H5P module Module DRUPAL-SA-CONTRIB-2017-071 Cross Site Scripting Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100548

Ledger CLI CVE-2017-2808 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100546

Wireshark Modbus Dissector CVE-2017-13764 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100545

Drupal 'Commerce Invoices' Module SQL Injection and Cross-Site Scripting Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100544

Ledger CLI CVE-2017-2807 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100543

gdk-pixbuf Integer Overflow and Heap Based Buffer Overflow Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100541

QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100540

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99919

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99955

Linux Kernel 'securelevel/secureboot' Local Security Bypass Vulnerability
2017-08-29
http://www.securityfocus.com/bid/77097

Linux Kernel CVE-2017-7495 Local Information Disclosure Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98491

PHP LibGD CVE-2016-3074 Heap Buffer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/87087

Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98439

Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99534

Linux Kernel CVE-2017-7616 Multiple Local Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/97527

Linux Kernel CVE-2017-7261 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97096

Linux Kernel Multiple Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/94138

SANS News

Malspam pushing Locky ransomware tries HoeflerText notifications for Chrome and FireFox

Threatpost

Bugs in Arris Modems Distributed by AT&T Vulnerable to Trivial Attacks

FDA Recalls 465K Pacemakers Tied to MedSec Research

Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin

Exploit

 

31.8.2017

Bugtraq

 

Malware

Backdoor.Gazer

Phishing

 

Vulnerability

Openstack instack-undercloud CVE-2017-7549 Insecure Temporary File Handling Vulnerability
2017-08-31
http://www.securityfocus.com/bid/100407

FasterXML Jackson-databind CVE-2017-7525 Deserialization Remote Code Execution Vulnerability
2017-08-31
http://www.securityfocus.com/bid/99623

Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability
2017-08-31
http://www.securityfocus.com/bid/97948

libgcrypt CVE-2017-0379 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100503

Ledger CLI CVE-2017-2808 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100546

Wireshark Modbus Dissector CVE-2017-13764 Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100545

Drupal 'Commerce Invoices' Module SQL Injection and Cross-Site Scripting Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100544

Ledger CLI CVE-2017-2807 Remote Code Execution Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100543

gdk-pixbuf Integer Overflow and Heap Based Buffer Overflow Vulnerabilities
2017-08-30
http://www.securityfocus.com/bid/100541

QEMU 'hw/display/vga.c' Denial of Service Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100540

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99919

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99955

Linux Kernel 'securelevel/secureboot' Local Security Bypass Vulnerability
2017-08-29
http://www.securityfocus.com/bid/77097

Linux Kernel CVE-2017-7495 Local Information Disclosure Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98491

PHP LibGD CVE-2016-3074 Heap Buffer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/87087

Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98439

Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99534

Linux Kernel CVE-2017-7616 Multiple Local Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/97527

Linux Kernel CVE-2017-7261 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97096

Linux Kernel Multiple Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/94138

Linux Kernel CVE-2017-7273 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97190

FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100020

FFmpeg CVE-2017-9608 NULL pointer Dereference Remote Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100348

FFmpeg 'libavcodec/apedec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100019

FFmpeg 'libavformat/rtmppkt.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100017

FFmpeg CVE-2017-9993 Arbitrary File Read Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99315

Wireshark IrCOMM Dissector CVE-2017-13765 Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100551

Wireshark MSDP Dissector CVE-2017-13767 Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100549

Apache Atlas CVE-2017-3151 HTML Injection Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100547

Wireshark Profinet I/O Dissector CVE-2017-13766 Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100542

SANS News

Remote SOC Workers Concerns

Threatpost

Intel Confirms Its Much-Loathed ME Feature Has A Kill Switch

Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies

New Locky Variant ‘IKARUSdilapidated’ Strikes Again

Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks

Exploit

Git <= 2.7.5 - Command Injection (Metasploit)

Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection

Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection

Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection

Joomla! Component Joomanager 2.0.0 - Arbitrary File Download

iBall Baton 150M Wireless Router - Authentication Bypass

Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)

Linux/x86 - Fork Bomb Shellcode (9 bytes)

30.8.2017

Bugtraq

 

Malware

Trojan.Downblocker

OSX.Demsty

Ransom.Defray

Backdoor.Notestuk

Phishing

Nationwide

30th August 2017

Important message from
Nationwide.

Apple

29th August 2017

Reminder: Apple Service ]
Your Apple ID has been Locked.

Nationwide

29th August 2017

Important message from
Nationwide.

BankofAmerica

29th August 2017

Account Suspended

Dear Customer

29th August 2017

NEW STATMENT RECEIPT ORDER ID
: IN83486438369 DOCUMENT NO
:165153293544

Vulnerability

libgcrypt CVE-2017-0379 Information Disclosure Vulnerability
2017-08-30
http://www.securityfocus.com/bid/100503

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99919

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99955

Linux Kernel 'securelevel/secureboot' Local Security Bypass Vulnerability
2017-08-29
http://www.securityfocus.com/bid/77097

Linux Kernel CVE-2017-7495 Local Information Disclosure Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98491

PHP LibGD CVE-2016-3074 Heap Buffer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/87087

Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98439

Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99534

Linux Kernel CVE-2017-7616 Multiple Local Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/97527

Linux Kernel CVE-2017-7261 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97096

Linux Kernel Multiple Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/94138

Linux Kernel CVE-2017-7273 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97190

FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100020

FFmpeg CVE-2017-9608 NULL pointer Dereference Remote Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100348

FFmpeg 'libavcodec/apedec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100019

FFmpeg 'libavformat/rtmppkt.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100017

FFmpeg CVE-2017-9993 Arbitrary File Read Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99315

LibTIFF 'tif_dirwrite.c' Multiple Denial of Service Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/100524

Multiple Abbott Pacemakers Multiple Security Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/100523

AzeoTech DAQFactory ICSA-17-241-01 Multiple Local Security Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100522

SQLite CVE-2017-13685 Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100521

National Instruments LabVIEW CVE-2017-2779 Memory Corruption Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100519

Akeo Consulting Rufus CVE-2017-13083 Arbitrary Code Execution Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100516

JasPer Multiple Denial of Service Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/100514

GraphicsMagick CVE-2017-13736 Multiple Denial of Service Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/100513

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2017-08-28
http://www.securityfocus.com/bid/57702

Oracle Java SE and JRockit CVE-2017-10243 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99827

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99774

Oracle Java SE and JRockit CVE-2017-10116 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99734

Oracle Java SE CVE-2017-10107 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99719

SANS News

Second Google Chrome Extension Banker Malware in Two Weeks

Threatpost

Google Reminding Admins HTTP Pages Will Be Marked ‘Not Secure’ in October

Researchers Figure Out How to Blind ISPs from Smart Home Device Traffic

Revamped Nukebot Malware Changes Targets, Adds Functions

Telnet Credential Leak Reinforces Bleak State of IoT Security

Exploit

QNAP Transcode Server - Command Execution (Metasploit)

NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting

NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access)

D-Link DIR-600 - Authentication Bypass

Car or Cab Booking Script - Authentication Bypass

PHP Appointment Booking Script - Authentication Bypass

User Login and Management - Multiple Vulnerabilities

PHP Video Battle Script 1.0 - SQL Injection

Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH)

29.8.2017

Bugtraq

[SECURITY] [DSA 3957-1] ffmpeg security update 2017-08-28
Luciano Bello (luciano debian org)

[security bulletin] HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code Execution 2017-08-28
HPE Product Security Response Team (security-alert hpe com)

Malware

 

Phishing

AdministrationFacebook

29th August 2017

You have 2 unread messages
that will be deleted in a few
days berets

Vulnerability

Linux Kernel CVE-2017-7616 Multiple Local Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/97527

Linux Kernel CVE-2017-7495 Local Information Disclosure Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98491

Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/98439

Linux Kernel CVE-2017-7261 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97096

Linux Kernel Multiple Information Disclosure Vulnerabilities
2017-08-29
http://www.securityfocus.com/bid/94138

Linux Kernel CVE-2017-7273 Local Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/97190

FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100020

FFmpeg CVE-2017-9608 NULL pointer Dereference Remote Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100348

FFmpeg 'libavcodec/apedec.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100019

FFmpeg 'libavformat/rtmppkt.c' Denial of Service Vulnerability
2017-08-29
http://www.securityfocus.com/bid/100017

FFmpeg CVE-2017-9993 Arbitrary File Read Vulnerability
2017-08-29
http://www.securityfocus.com/bid/99315

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2017-08-28
http://www.securityfocus.com/bid/57702

Oracle Java SE and JRockit CVE-2017-10243 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99827

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99774

Oracle Java SE and JRockit CVE-2017-10116 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99734

Oracle Java SE CVE-2017-10107 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99719

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99846

Oracle Java SE CVE-2017-10102 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99712

Oracle Java SE CVE-2017-10105 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99851

Oracle Java SE CVE-2017-10096 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99670

Oracle Java SE CVE-2017-10067 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99756

Oracle Java SE and JRockit CVE-2017-10109 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99847

Oracle Java SE and JRockit CVE-2017-10053 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99842

Oracle Java SE CVE-2017-10101 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99674

Oracle Java SE CVE-2017-10110 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99643

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99703

Multiple OpenStack Products CVE-2017-12440 Security Bypass Vulnerability
2017-08-28
http://www.securityfocus.com/bid/100455

Oracle Java SE and JRockit CVE-2017-10176 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99788

Oracle Java SE and JRockit CVE-2017-10135 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99839

Oracle Java SE CVE-2017-10090 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99706

SANS News

An Update On DVR Malware: A DVR Torture Chamber

Threatpost

Fraudulent Donations Lead to Disbanding of Hutchins Legal Defense Fund

CEOs Resign from Trump’s Cybersecurity Commission


Anonymous Messaging App Sarahah to Halt Collection of User Data With Next Update

Exploit

NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting

NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access)

D-Link DIR-600 - Authentication Bypass

Car or Cab Booking Script - Authentication Bypass

PHP Appointment Booking Script - Authentication Bypass

User Login and Management - Multiple Vulnerabilities

PHP Video Battle Script 1.0 - SQL Injection

Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH)

28.8.2017

Bugtraq

[SECURITY] [DSA 3956-1] connman security update 2017-08-27
Luciano Bello (luciano debian org)

Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference 2017-08-24
Patrick Webster (patrick osisecurity com au)

Malware

 

Phishing

 

Vulnerability

Oracle Java SE and JRockit CVE-2017-10243 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99827

Oracle Java SE CVE-2017-10087 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99703

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99846

Multiple OpenStack Products CVE-2017-12440 Security Bypass Vulnerability
2017-08-28
http://www.securityfocus.com/bid/100455

Oracle Java SE CVE-2017-10107 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99719

Oracle Java SE and JRockit CVE-2017-10109 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99847

Oracle Java SE and JRockit CVE-2017-10176 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99788

Oracle Java SE CVE-2017-10096 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99670

Oracle Java SE and JRockit CVE-2017-10135 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99839

Oracle Java SE CVE-2017-10090 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99706

Oracle Java SE CVE-2017-10067 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99756

Oracle Java SE CVE-2017-10074 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99731

Oracle Java SE CVE-2017-10110 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99643

Oracle Java SE and JRockit CVE-2017-10198 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99818

Oracle Java SE and JRockit CVE-2017-10116 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99734

Oracle Java SE CVE-2017-10101 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99674

Oracle Java SE CVE-2017-10102 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99712

Oracle Java SE and JRockit CVE-2017-10053 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99842

Oracle Java SE CVE-2017-10081 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99853

Oracle Java SE and JRockit CVE-2017-10115 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99774

Oracle Java SE and JRockit CVE-2017-10118 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99782

Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99767

Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99810

Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
2017-08-28
http://www.securityfocus.com/bid/99736

Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
2017-08-28
http://www.securityfocus.com/bid/56076

GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability
2017-08-26
http://www.securityfocus.com/bid/100395

SAP NetWeaver Central Technical Configuration Unspecified Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97566

SAP NetWeaver Knowledge Management XML External Entity Injection Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97572

IBM Rhapsody DM CVE-2016-8975 Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/100124

FortiManager Multiple Security Vulnerabilities
2017-08-25
http://www.securityfocus.com/bid/74444

SANS News

 

Threatpost

 

Exploit

Dup Scout Enterprise 9.9.14 - Buffer Overflow (SEH)

Disk Savvy Enterprise 9.9.14 - Buffer Overflow (SEH)

Sync Breeze Enterprise 9.9.16 - Buffer Overflow (SEH)

Disk Pulse Enterprise 9.9.16 - Buffer Overflow (SEH)

Joomla! Component Photo Contest 1.0.2 - SQL Injection

Joomla! Component OSDownloads 1.7.4 - SQL Injection

AutoCar 1.1 - 'category' Parameter SQL Injection

Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection

Matrimonial Script 2.7 - Authentication bypass

Smart Chat 1.0.0 - SQL Injection

FTP Made Easy PRO 1.2 - SQL Injection

Easy RM RMVB to DVD Burner 1.8.11 - Buffer Overflow (SEH)

Easy DVD Creator 2.5.11 - Buffer Overflow (SEH)

Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Buffer Overflow (SEH)

27.8.2017

Bugtraq

 

Malware

 

Phishing

NatWestCreditCards@natwest.com

26th August 2017

Your recent bill is ready -
NatWest credit card.

Vulnerability

SAP NetWeaver Central Technical Configuration Unspecified Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97566

SAP NetWeaver Knowledge Management XML External Entity Injection Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97572

IBM Rhapsody DM CVE-2016-8975 Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/100124

FortiManager Multiple Security Vulnerabilities
2017-08-25
http://www.securityfocus.com/bid/74444

Cisco IOS and IOS XE Software Multiple Remote Code Execution Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/99345

ISC BIND CVE-2017-3142 Security Bypass Vulnerability
2017-08-24
http://www.securityfocus.com/bid/99339

ISC BIND CVE-2017-3143 Security Bypass Vulnerability
2017-08-24
http://www.securityfocus.com/bid/99337

augeas CVE-2017-7555 Memory Corruption Vulnerability
2017-08-24
http://www.securityfocus.com/bid/100378

Multiple Westermo Routers Multiple Security Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/100470

HP Integrated Lights-Out CVE-2017-12542 Multiple Unspecified Security Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/100467

Adobe Digital Editions CVE-2017-11272 XML Entity Parsing Information Disclosure Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100193

Adobe Digital Editions APSB17-27 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100244

Adobe Digital Editions CVE-2017-11274 Unspecified Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100194

TeX Live CVE-2016-10243 Remote Code Execution Vulnerability
2017-08-23
http://www.securityfocus.com/bid/96593

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98492

Smb4K CVE-2017-8849 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98690

Google Android Libraries Multiple Remote Code Execution Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/98877

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98601

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98599

libxml2 CVE-2017-9050 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98568

libxml2 CVE-2017-9048 Local Stack Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98556

RedHat CVS CVE-2017-12836 Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100279

Multiple Cisco ADSL Routers CVE-2017-11587 Directory Traversal Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100484

Linux Kernel CVE-2017-7558 Multiple Local Information Disclosure Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100466

Cisco Meeting Server CVE-2017-6794 Local Command Injection and Privilege Escalation Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100464

GNU Binutils CVE-2017-12967 Remote Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100462

Trend Micro Smart Protection CVE-2017-11395 OS Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100461

libzip CVE-2017-12858 Double Free Local Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100459

Multiple Automated Logic Corporation Products CVE-2017-9644 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100454

SANS News

Malware analysis: searching for dots

Threatpost

Defray Ransomware Seen Targeting Education, Healthcare Industry

Cryptocurrency Mining Malware Hosted in Amazon S3 Bucket

Security Lacking in Previous AppleAVEDriver iOS Kernel Extension

Exploit

Apple iOS <= 10.3.1 - Kernel Exploit

25.8.2017

Bugtraq

Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference 2017-08-24
Patrick Webster (patrick osisecurity com au)

[security bulletin] HPESBHF03769 rev.1 - HPE Integrated Lights-out 4 (iLO 4) Multiple Remote Vulnerabilities 2017-08-23
security-alert hpe com

[SECURITY] [DSA 3953-1] aodh security update 2017-08-23
Luciano Bello (luciano debian org)

Malware

 

Phishing

Amazon Customer Support

25th August 2017

Your Amazon.com Order

AppleID

24th August 2017

Your Apple ID has been locked
for security reasons.

Daily Brand Winner

24th August 2017

Do you want a $100 Amazon]
Gift Card ?

Vulnerability

GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability
2017-08-26
http://www.securityfocus.com/bid/100395

SAP NetWeaver Central Technical Configuration Unspecified Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97566

SAP NetWeaver Knowledge Management XML External Entity Injection Vulnerability
2017-08-25
http://www.securityfocus.com/bid/97572

IBM Rhapsody DM CVE-2016-8975 Cross Site Scripting Vulnerability
2017-08-25
http://www.securityfocus.com/bid/100124

FortiManager Multiple Security Vulnerabilities
2017-08-25
http://www.securityfocus.com/bid/74444

Cisco IOS and IOS XE Software Multiple Remote Code Execution Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/99345

ISC BIND CVE-2017-3142 Security Bypass Vulnerability
2017-08-24
http://www.securityfocus.com/bid/99339

ISC BIND CVE-2017-3143 Security Bypass Vulnerability
2017-08-24
http://www.securityfocus.com/bid/99337

augeas CVE-2017-7555 Memory Corruption Vulnerability
2017-08-24
http://www.securityfocus.com/bid/100378

Multiple Westermo Routers Multiple Security Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/100470

HP Integrated Lights-Out CVE-2017-12542 Multiple Unspecified Security Vulnerabilities
2017-08-24
http://www.securityfocus.com/bid/100467

Adobe Digital Editions CVE-2017-11272 XML Entity Parsing Information Disclosure Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100193

Adobe Digital Editions APSB17-27 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100244

Adobe Digital Editions CVE-2017-11274 Unspecified Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100194

TeX Live CVE-2016-10243 Remote Code Execution Vulnerability
2017-08-23
http://www.securityfocus.com/bid/96593

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98492

Smb4K CVE-2017-8849 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98690

Google Android Libraries Multiple Remote Code Execution Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/98877

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98601

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98599

libxml2 CVE-2017-9050 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98568

libxml2 CVE-2017-9048 Local Stack Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98556

RedHat CVS CVE-2017-12836 Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100279

Multiple Cisco ADSL Routers CVE-2017-11587 Directory Traversal Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100484

Linux Kernel CVE-2017-7558 Multiple Local Information Disclosure Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100466

Cisco Meeting Server CVE-2017-6794 Local Command Injection and Privilege Escalation Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100464

GNU Binutils CVE-2017-12967 Remote Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100462

Trend Micro Smart Protection CVE-2017-11395 OS Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100461

libzip CVE-2017-12858 Double Free Local Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100459

Multiple Automated Logic Corporation Products CVE-2017-9644 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100454

SANS News

Malicious AutoIT script delivered in a self-extracting RAR file

Threatpost

Security Lacking in Previous AppleAVEDriver iOS Kernel Extension

Adware Spreading Via Social Engineering, Facebook Messenger

Exploit

Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL Injection

Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection

Joomla! Component MasterForms 1.0.3 - SQL Injection

Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Buffer Overflow (SEH)

MP3 WAV to CD Burner 1.4.24 - Buffer Overflow (SEH)

My Video Converter 1.5.24 - Buffer Overflow (SEH)

Easy AVI DivX Converter 1.2.24 - Buffer Overflow (SEH)

24.8.2017

Bugtraq

Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference 2017-08-24
Patrick Webster (patrick osisecurity com au)

[security bulletin] HPESBHF03769 rev.1 - HPE Integrated Lights-out 4 (iLO 4) Multiple Remote Vulnerabilities 2017-08-23
security-alert hpe com

[SECURITY] [DSA 3953-1] aodh security update 2017-08-23
Luciano Bello (luciano debian org)

[SECURITY] [DSA 3951-1] smb4k security update 2017-08-22
Moritz Muehlenhoff (jmm debian org)

[RT-SA-2015-008] WebClientPrint Processor 2.0: Remote Code Execution via Print Jobs 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-009] WebClientPrint Processor 2.0: Remote Code Execution via Updates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-010] WebClientPrint Processor 2.0: Unauthorised Proxy Modification 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-011] WebClientPrint Processor 2.0: No Validation of TLS Certificates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

Malware

 

Phishing

 

Vulnerability

augeas CVE-2017-7555 Memory Corruption Vulnerability
2017-08-24
http://www.securityfocus.com/bid/100378

Adobe Digital Editions CVE-2017-11272 XML Entity Parsing Information Disclosure Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100193

Adobe Digital Editions APSB17-27 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100244

Adobe Digital Editions CVE-2017-11274 Unspecified Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100194

TeX Live CVE-2016-10243 Remote Code Execution Vulnerability
2017-08-23
http://www.securityfocus.com/bid/96593

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98492

Smb4K CVE-2017-8849 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98690

Google Android Libraries Multiple Remote Code Execution Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/98877

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98601

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98599

libxml2 CVE-2017-9050 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98568

libxml2 CVE-2017-9048 Local Stack Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98556

RedHat CVS CVE-2017-12836 Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100279

GNU Binutils CVE-2017-12967 Remote Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100462

Trend Micro Smart Protection CVE-2017-11395 OS Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100461

libzip CVE-2017-12858 Double Free Local Denial of Service Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100459

Multiple Automated Logic Corporation Products CVE-2017-9644 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100454

Jenkins Git Plugin CVE-2017-1000092 Cross Site Request Forgery Vulnerability
2017-08-22
http://www.securityfocus.com/bid/100435

Avira Antivirus Remote Heap Underflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/84841

Oracle Java SE CVE-2013-5812 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63126

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5787 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63155

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63156

SANS News

 

Threatpost

Zerodium Offers $500K for Secure Messaging App Zero Days

Business Email Compromise Campaign Harvesting Credentials in Numerous Industries

Exploit

Matrimonial Script - SQL Injection

Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution

Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write

Automated Logic WebCTRL 6.5 - Local Privilege Escalation

libgig 4.0.0 - LinuxSampler Multiple Vulnerabilities

23.8.2017

Bugtraq

[SECURITY] [DSA 3951-1] smb4k security update 2017-08-22
Moritz Muehlenhoff (jmm debian org)

[RT-SA-2015-008] WebClientPrint Processor 2.0: Remote Code Execution via Print Jobs 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-009] WebClientPrint Processor 2.0: Remote Code Execution via Updates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-010] WebClientPrint Processor 2.0: Unauthorised Proxy Modification 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2015-011] WebClientPrint Processor 2.0: No Validation of TLS Certificates 2017-08-22
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 3950-1] libraw security update 2017-08-21
Luciano Bello (luciano debian org)

Malware

 

Phishing

DailyBet

22nd August 2017

Free trial of Unique Daily
Betting Picks- Check it !

NatWest Online

22nd August 2017

ACCOUNT ACTIVITY

Vulnerability

GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability
2017-08-26
http://www.securityfocus.com/bid/100395

Adobe Digital Editions CVE-2017-11272 XML Entity Parsing Information Disclosure Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100193

Adobe Digital Editions APSB17-27 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/100244

Adobe Digital Editions CVE-2017-11274 Unspecified Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100194

TeX Live CVE-2016-10243 Remote Code Execution Vulnerability
2017-08-23
http://www.securityfocus.com/bid/96593

Ansible CVE-2017-7481 Security Bypass Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98492

Smb4K CVE-2017-8849 Local Privilege Escalation Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98690

Google Android Libraries Multiple Remote Code Execution Vulnerabilities
2017-08-23
http://www.securityfocus.com/bid/98877

libxml2 CVE-2017-9049 Heap Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98601

Libxml2 CVE-2017-9047 Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98599

libxml2 CVE-2017-9050 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98568

libxml2 CVE-2017-9048 Local Stack Buffer Overflow Vulnerability
2017-08-23
http://www.securityfocus.com/bid/98556

RedHat CVS CVE-2017-12836 Command Injection Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100279

augeas CVE-2017-7555 Memory Corruption Vulnerability
2017-08-23
http://www.securityfocus.com/bid/100378

Jenkins Git Plugin CVE-2017-1000092 Cross Site Request Forgery Vulnerability
2017-08-22
http://www.securityfocus.com/bid/100435

Avira Antivirus Remote Heap Underflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/84841

Oracle Java SE CVE-2013-5812 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63126

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5787 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63155

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63156

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63103
ity Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63152

Oracle Java SE CVE-2013-3829 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63120

SANS News

Malicious script dropping an executable signed by Avast?

Threatpost

Neptune Exploit Kit Dropping Cryptocurrency Miners Through Malvertisements

Android Spyware Linked to Chinese SDK Forces Google to Boot 500 Apps

Foxit to Fix PDF Reader Zero Days by Friday

Exploit

IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)

Matrimonial Script - SQL Injection

Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution

Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write

VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow

Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack)...

Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow

Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow

22.8.2017

Bugtraq

[SECURITY] [DSA 3950-1] libraw security update 2017-08-21
Luciano Bello (luciano debian org)

[SECURITY] [DSA 3948-1] ioquake3 security update 2017-08-19
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3946-1] libmspack security update 2017-08-18
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3928-2] firefox-esr security update 2017-08-16
Moritz Muehlenhoff (jmm debian org)

Microsoft Resnet - DNS Configuration Web Vulnerability 2017-08-16
Vulnerability Lab (research vulnerability-lab com)

FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)

[SECURITY] [DSA 3943-1] gajim security update 2017-08-14
Salvatore Bonaccorso (carnil debian org)

CVE-2017-9802: Apache Sling XSS vulnerability 2017-08-14
Robert Munteanu (rombert apache org)

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability 2017-08-14
x62x65x6e gmail com

Malware

 

Phishing

 

Vulnerability

GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability
2017-08-26
http://www.securityfocus.com/bid/100395

Avira Antivirus Remote Heap Underflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/84841

Oracle Java SE CVE-2013-5812 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63126

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5787 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63155

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63156

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5776 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63152

Oracle Java SE CVE-2013-3829 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63120

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/63089

Google Web Toolkit CVE-2013-4204 Multiple Cross Site Scripting Vulnerabilities
2017-08-22
http://www.securityfocus.com/bid/61590

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2473 Buffer Overflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60623

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2017-08-22
http://www.securityfocus.com/bid/60657

SANS News

Defang all the things!

Threatpost

Fuze Patches TPN Handset Vulnerabilities

Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method


Meeting and Hotel Booking Provider’s Data Found in Public Amazon S3 Bucket

Exploit

Easy DVD Creater 2.5.11 - Buffer Overflow (SEH)

Apache2Triad 1.5.4 - Multiple Vulnerabilities

Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection

Joomla! Component Sponsor Wall 8.0 - SQL Injection

PHP Classifieds Script 5.6.2 - SQL Injection

Affiliate Niche Script 3.4.0 - SQL Injection

PHP Coupon Script 6.0 - 'cid' Parameter SQL Injection

iTech Social Networking Script 3.08 - SQL Injection

VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow

Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow

Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow

Linux/x86_64 - Fork Bomb Shellcode (11 bytes)

Linux/x86_64 - kill All Processes Shellcode (19 bytes)

21.8.2017

Bugtraq

[SECURITY] [DSA 3948-1] ioquake3 security update 2017-08-19
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3946-1] libmspack security update 2017-08-18
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3928-2] firefox-esr security update 2017-08-16
Moritz Muehlenhoff (jmm debian org)

Microsoft Resnet - DNS Configuration Web Vulnerability 2017-08-16
Vulnerability Lab (research vulnerability-lab com)

FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)

Malware

 

Phishing

service@paypal-support.co.uk

20th August 2017

Last Reminder: Your account is
limited.

Chase Online

19th August 2017

Urgent! Update your details
with Chase Today!

Vulnerability

 

SANS News

It's Not An Invoice ...

Threatpost

 

Exploit

Apache2Triad 1.5.4 - Multiple Vulnerabilities

Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection

Joomla! Component Sponsor Wall 8.0 - SQL Injection

PHP Classifieds Script 5.6.2 - SQL Injection

Easy DVD Creater 2.5.11 - Buffer Overflow (SEH)

Linux/x86_64 - kill All Processes Shellcode (19 bytes)

Linux/x86_64 - Fork Bomb Shellcode (11 bytes)

20.8.2017

Bugtraq

 

Malware

Backdoor.Shadowpad

Phishing

 

Vulnerability

Mozilla Firefox CVE-2017-7806 Use After Free Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100389

Mozilla Firefox CVE-2017-7781 Man in the Middle Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100383

Mozilla Firefox CVE-2017-7788 Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100379

Mozilla Firefox CVE-2017-7789 Remote Security Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100374

Mozilla Firefox CVE-2017-7808 Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100373

Mozilla Firefox CVE-2017-7753 Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100315

Mozilla Firefox CVE-2017-7791 Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100240

Mozilla Firefox and Firefox ESR Multiple Security Bypass Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/100234

Mozilla Firefox and Firefox ESR Multiple Buffer Overflow Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/100206

Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100203

Mozilla Firefox CVE-2017-7779 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/100201

Mozilla Firefox and Firefox ESR Multiple Use After Free Remote Code Execution Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/100202

Mozilla Firefox CVE-2017-7780 Multiple Memory Corruption Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/100199

Mozilla Firefox CVE-2017-7798 XUL Injection Arbitrary Code Execution Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100198

Mozilla Firefox CVE-2017-7801 Use After Free Remote Code Execution Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100197

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100196

Mozilla Firefox CVE-2017-7799 Cross Site Scripting Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100377

Mozilla Firefox CVE-2017-7807 Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100242

Mozilla Firefox CVE-2017-7783 Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100401

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99955

Linux Kernel CVE-2017-7533 Local Race Condition Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100123

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99919

Xen 'blkif' Response Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99162

Linux Kernel CVE-2017-7482 Local Buffer Overflow Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99299

Linux Kernel 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' Local Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99095

Linux Kernel CVE-2017-1000363 Integer Overflow Vulnerability
2017-08-18
http://www.securityfocus.com/bid/98651

Linux Kernel CVE-2017-7346 Local Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/97257

Linux Kernel CVE-2017-1000365 Local Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99156

Linux Kernel CVE-2017-7889 Multiple Local Security Bypass Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/97690

SANS News

tshark 2.4 New Feature - Command Line Export Objects

Threatpost

It’s Not Exactly Open Season on the iOS Secure Enclave

Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket

Exploit

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

18.8.2017

Bugtraq

[SECURITY] [DSA 3946-1] libmspack security update 2017-08-18
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3928-2] firefox-esr security update 2017-08-16
Moritz Muehlenhoff (jmm debian org)

Microsoft Resnet - DNS Configuration Web Vulnerability 2017-08-16
Vulnerability Lab (research vulnerability-lab com)

FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)

[SECURITY] [DSA 3943-1] gajim security update 2017-08-14
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

Wells Fargo Online

18th August 2017

Wells Fargo Account Online
Access Limitation!

Vulnerability

GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability
2017-08-26
http://www.securityfocus.com/bid/100395

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99955

Linux Kernel CVE-2017-7533 Local Race Condition Vulnerability
2017-08-18
http://www.securityfocus.com/bid/100123

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99919

Xen 'blkif' Response Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99162

Linux Kernel CVE-2017-7482 Local Buffer Overflow Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99299

Linux Kernel 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' Local Information Disclosure Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99095

Linux Kernel CVE-2017-1000363 Integer Overflow Vulnerability
2017-08-18
http://www.securityfocus.com/bid/98651

Linux Kernel CVE-2017-7346 Local Denial of Service Vulnerability
2017-08-18
http://www.securityfocus.com/bid/97257

Linux Kernel CVE-2017-1000365 Local Security Bypass Vulnerability
2017-08-18
http://www.securityfocus.com/bid/99156

Linux Kernel CVE-2017-7889 Multiple Local Security Bypass Vulnerabilities
2017-08-18
http://www.securityfocus.com/bid/97690

Linux kernel CVE-2014-9940 Local Privilege Escalation Vulnerability
2017-08-18
http://www.securityfocus.com/bid/98195

Git CVE-2017-1000117 Remote Command Injection Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100283

Mozilla Firefox and Firefox ESR Multiple Security Bypass Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100234

Mozilla Firefox CVE-2017-7753 Information Disclosure Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100315

Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100203

Mozilla Firefox and Firefox ESR Multiple Use After Free Remote Code Execution Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100202

Mozilla Firefox and Firefox ESR Multiple Buffer Overflow Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100206

Mozilla Firefox CVE-2017-7779 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100201

Mozilla Firefox CVE-2017-7801 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100197

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100196

Mozilla Firefox CVE-2017-7791 Security Bypass Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100240

Mozilla Firefox CVE-2017-7798 XUL Injection Arbitrary Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100198

Mozilla Firefox CVE-2017-7807 Security Bypass Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100242

ISC BIND CVE-2017-3141 Local Privilege Escalation Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99089

tnef Multiple Integer Overflow, Type Confusion and Out of Bounds Write Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/96427

ISC BIND CVE-2017-3140 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99088

ISC BIND CVE-2017-3136 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97653

ISC BIND CVE-2017-3138 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97657

ISC BIND CVE-2017-3137 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97651

SANS News

EngineBox Malware Supports 10+ Brazilian Banks

Threatpost

Cisco Patches Privilege Escalation Bugs in APIC

Drupal Patches Critical Access Bypass in Core Engine

Exploit

MyDoomScanner 1.00 - Local Buffer Overflow (PoC)

Microsoft Edge Chakra - 'PreVisitCatch' Missing Call

Microsoft Edge Chakra - 'chakra!Js::GlobalObject' Integer overflow

Microsoft Edge Chakra - Buffer Overflow

Microsoft Edge Chakra - NULL Pointer Dereference

Microsoft Edge Chakra - Heap Buffer Overflow

Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule'...

Microsoft Edge Chakra - Incorrect Usage of 'PushPopFrameHelper' in...

Microsoft Edge Chakra - Incorrect Usage of 'TryUndeleteProperty'

Microsoft Edge Chakra - 'EmitAssignment' uses the 'this' Register Without Initializing

Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2

Microsoft Edge Chakra - 'JavascriptArray::ConcatArgs' Type Confusion

Microsoft Edge Chakra - 'JavascriptFunction::EntryCall' Fails to Handle 'CallInfo'...

Microsoft Edge Chakra - Uninitialized Arguments (1)

Microsoft Edge Chakra - Uninitialized Arguments (2)

Microsoft Edge Chakra - 'EmitNew' Integer Overflow

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3

Adobe Flash - Invoke Accesses Trait Out-of-Bounds

Microsoft Edge - Out-of-Bounds Access when Fetching Source


Mozilla Firefox < 45.0 - 'nsHtml5TreeBuilder' Use-After-Free (EMET 5.52 Bypass)

Food Ordering Script 1.0 - SQL Injection

Online Quiz Project 1.0 - SQL Injection

Photogallery Project 1.0 - SQL Injection

Doctor Patient Project 1.0 - SQL Injection

17.8.2017

Bugtraq

[SECURITY] [DSA 3928-2] firefox-esr security update 2017-08-16
Moritz Muehlenhoff (jmm debian org)

Microsoft Resnet - DNS Configuration Web Vulnerability 2017-08-16
Vulnerability Lab (research vulnerability-lab com)

FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)

Malware

Backdoor.Shadowpad

Phishing

NatWest InfoDesk

16th August 2017

ENHANCED SECURITY UPDATE REQUIRED

PayPal

16th August 2017

[NEW REMINDER] : THANK YOU FOR USING PAYPAL TO TRANSACTION SUCCESSFULLY, ORDER NUMBER #3077-1552-9643-8058

Vulnerability

Git CVE-2017-1000117 Remote Command Injection Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100283

Mozilla Firefox and Firefox ESR Multiple Security Bypass Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100234

Mozilla Firefox CVE-2017-7753 Information Disclosure Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100315

Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100203

Mozilla Firefox and Firefox ESR Multiple Use After Free Remote Code Execution Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100202

Mozilla Firefox and Firefox ESR Multiple Buffer Overflow Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100206

Mozilla Firefox CVE-2017-7779 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/100201

Mozilla Firefox CVE-2017-7801 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100197

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100196

Mozilla Firefox CVE-2017-7791 Security Bypass Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100240

Mozilla Firefox CVE-2017-7798 XUL Injection Arbitrary Code Execution Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100198

Mozilla Firefox CVE-2017-7807 Security Bypass Vulnerability
2017-08-17
http://www.securityfocus.com/bid/100242

ISC BIND CVE-2017-3141 Local Privilege Escalation Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99089

tnef Multiple Integer Overflow, Type Confusion and Out of Bounds Write Vulnerabilities
2017-08-17
http://www.securityfocus.com/bid/96427

ISC BIND CVE-2017-3140 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99088

ISC BIND CVE-2017-3136 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97653

ISC BIND CVE-2017-3138 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97657

ISC BIND CVE-2017-3137 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97651

ISC BIND CVE-2016-9444 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/95393

ISC BIND CVE-2016-9147 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/95390

ISC BIND CVE-2017-3135 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/96150

ISC BIND CVE-2016-9778 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/95388

ISC BIND CVE-2016-9131 Remote Denial of Service Vulnerability
2017-08-17
http://www.securityfocus.com/bid/95386

Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99810

Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99767

Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/99736

Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97831

Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97818

Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97742

Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
2017-08-17
http://www.securityfocus.com/bid/97776

SANS News

Maldoc with auto-updated link

Threatpost

Locky Ransomware Variant Slips Past Some Defenses

Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack

Google Removes Chrome Extension Used in Banking Fraud

Exploit

 

16.8.2017

Bugtraq

FreeBSD <= 10.3 jail SHM hole 2017-08-16
WhiteWinterWolf (bugtraq lists whitewinterwolf com)

[SECURITY] [DSA 3943-1] gajim security update 2017-08-14
Salvatore Bonaccorso (carnil debian org)

CVE-2017-9802: Apache Sling XSS vulnerability 2017-08-14
Robert Munteanu (rombert apache org)

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability 2017-08-14
x62x65x6e gmail com

[SECURITY] [DSA 3940-1] iortcw security update 2017-08-13
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

 

Vulnerability

Advantech WebOP Designer Heap Buffer Overflow Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99476

Linux kernel CVE-2017-8831 Local Denial of Service Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99619

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
2017-08-16
http://www.securityfocus.com/bid/98085

Linux Kernel CVE-2017-7533 Local Race Condition Vulnerability
2017-08-16
http://www.securityfocus.com/bid/100123

Apache HTTP Server CVE-2017-9788 Memory Corruption Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99569

Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99134

Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99170

Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
2017-08-16
http://www.securityfocus.com/bid/99135

Adobe Flash Player CVE-2017-3106 Type Confusion Remote Code Execution Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100190

Adobe Flash Player CVE-2017-3085 Unspecified Security Bypass Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100191

Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability
2017-08-15
http://www.securityfocus.com/bid/57731

Xen CVE-2017-12135 Multiple Denial of Service Vulnerabilities
2017-08-15
http://www.securityfocus.com/bid/100344

Xen CVE-2017-12134 Memory Corruption Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100343

Xen CVE-2017-12137 Privilege Escalation Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100342

Xen CVE-2017-12855 Local Information Disclosure Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100341

Juniper Junos CVE-2017-10602 Local Buffer Overflow Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100323

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2442 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60643

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2440 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59124

Oracle Java SE CVE-2013-2439 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59178

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-2435 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59089

SANS News

Analysis of a Paypal phishing kit

Threatpost

Seven More Chrome Extensions Compromised

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

Exploit

Microsoft Edge 38.14393.1066.0 -...

15.8.2017

Bugtraq

[SECURITY] [DSA 3943-1] gajim security update 2017-08-14
Salvatore Bonaccorso (carnil debian org)

CVE-2017-9802: Apache Sling XSS vulnerability 2017-08-14
Robert Munteanu (rombert apache org)

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability 2017-08-14
x62x65x6e gmail com

[SECURITY] [DSA 3940-1] iortcw security update 2017-08-13
Moritz Muehlenhoff (jmm debian org)

Malware

JS.Bateleur

Phishing

 

Vulnerability

Adobe Flash Player CVE-2017-3106 Type Confusion Remote Code Execution Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100190

Adobe Flash Player CVE-2017-3085 Unspecified Security Bypass Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100191

Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability
2017-08-15
http://www.securityfocus.com/bid/57731

Juniper Junos CVE-2017-10602 Local Buffer Overflow Vulnerability
2017-08-15
http://www.securityfocus.com/bid/100323

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2442 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60643

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2440 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59124

Oracle Java SE CVE-2013-2439 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59178

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-2435 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59089

Oracle Java SE CVE-2013-2433 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59220

Oracle Java SE CVE-2013-2432 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59154

Oracle Java SE CVE-2013-2430 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59243

Oracle Java SE CVE-2013-2429 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59184

Oracle Java SE CVE-2013-2424 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59159

Oracle Java SE CVE-2013-2422 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59228

Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100259

Oracle Java SE CVE-2017-10078 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/99752

Oracle Java SE CVE-2013-1518 Remote Java Runtime Environment Vulnerability
2017-08-14
http://www.securityfocus.com/bid/59141

Oracle Java SE CVE-2017-10105 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/99851

Oracle Java SE and JRockit CVE-2017-10053 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/99842

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability
2017-08-14
http://www.securityfocus.com/bid/99846

SANS News

Malspam pushing Trickbot banking Trojan

Threatpost

Researchers Find Phishing Site Encrypted with AES

Smart Locks Bricked by Bad Update


Exploit

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting

Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation

Tomabo MP4 Converter 3.19.15 - Denial of Service

ClipBucket 2.8.3 - Multiple Vulnerabilities

14.8.2017

Bugtraq

CVE-2017-9802: Apache Sling XSS vulnerability 2017-08-14
Robert Munteanu (rombert apache org)

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability 2017-08-14
x62x65x6e gmail com

[SECURITY] [DSA 3940-1] iortcw security update 2017-08-13
Moritz Muehlenhoff (jmm debian org)

[slackware-security] mercurial (SSA:2017-223-03) 2017-08-11
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3937-1] zabbix security update 2017-08-12
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3936-1] postgresql-9.6 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

service@intI.paypaI.com

14th August 2017

REMINDER : YOUR PURCHASE INVOICE HAS BEEN ISSUED -REF #5YJ60743M42534507

PayPal Account Limited

12th August 2017

PAYPAL ACCOUNT LIMITED

Vulnerability

Mozilla Firefox CVE-2017-7807 Security Bypass Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100242

Mozilla Firefox and Firefox ESR Multiple Security Bypass Vulnerabilities
2017-08-14
http://www.securityfocus.com/bid/100234

Mozilla Firefox and Firefox ESR Multiple Buffer Overflow Vulnerabilities
2017-08-14
http://www.securityfocus.com/bid/100206

Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100203

Mozilla Firefox and Firefox ESR Multiple Use After Free Remote Code Execution Vulnerabilities
2017-08-14
http://www.securityfocus.com/bid/100202

Mozilla Firefox CVE-2017-7779 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-14
http://www.securityfocus.com/bid/100201

Mozilla Firefox CVE-2017-7798 XUL Injection Arbitrary Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100198

Mozilla Firefox CVE-2017-7801 Use After Free Remote Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100197

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-14
http://www.securityfocus.com/bid/100196

Randombit Botan CVE-2017-2801 Certificate Validation Security Bypass Vulnerability
2017-08-14
http://www.securityfocus.com/bid/98106

PHP 'gd_gif_in.c' Memory Corruption Vulnerability
2017-08-14
http://www.securityfocus.com/bid/99492

Zabbix Proxy Server CVE-2017-2825 Man in the Middle Security Bypass Vulnerability
2017-08-14
http://www.securityfocus.com/bid/98094

Zabbix CVE-2017-2824 Command Injection Vulnerability
2017-08-14
http://www.securityfocus.com/bid/98083

Oracle Java SE CVE-2013-2420 Integer Overflow Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59167

Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59131

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2383 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59190

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-1569 Stack Buffer Overflow Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59166

Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59208

Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59219

Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59170

Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59149

Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59194

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-1487 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58031

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58238

SANS News

The Good Phishing Email

Threatpost

 

Exploit

RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)

13.8.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Oracle Java SE CVE-2013-2420 Integer Overflow Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59167

Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59131

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2383 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59190

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-1569 Stack Buffer Overflow Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59166

Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59208

Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59219

Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59170

Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59149

Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59194

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2017-08-11
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-1487 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58031

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58238

Oracle Java SE CVE-2013-2384 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59179

Oracle Java SE CVE-2013-2394 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/59172

Oracle Java SE CVE-2013-1486 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58029

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2013-1481 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57718

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57686

Oracle Java SE CVE-2013-1479 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57706

Oracle Java SE CVE-2013-1475 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57694

Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57696

Oracle Java SE CVE-2013-0809 Remote Code Execution Vulnerability
2017-08-11
http://www.securityfocus.com/bid/58296

Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57703

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0446 Remote Java Runtime Environment Vulnerability
2017-08-11
http://www.securityfocus.com/bid/57699

SANS News

Outlook Web Access based attacks

Threatpost

APT28 Using EternalBlue to Attack Hotels in Europe, Middle East

Many Factors Conspire in ICS/SCADA Attacks

Apps Infected With SonicSpy Spyware Removed From Google Play

Ukrainian Man Arrested, Charged in NotPetya Distribution

Exploit

DeWorkshop 1.0 - SQL Injection

De-Journal 1.0 - SQL Injection

De-Tutor 1.0 - SQL Injection

11.8.2017

Bugtraq

[SECURITY] [DSA 3936-1] postgresql-9.6 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3935-1] postgresql-9.4 security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPESB3P03762 rev.1 - HPE C Switch Software using Cisco Prime Data Center Network Manager (DCNM), Remote Code Execution 2017-08-10
security-alert hpe com

[ANN] Apache Struts: S2-049 Security Bulletin update 2017-08-10
Lukasz Lenart (lukaszlenart apache org)

[SECURITY] [DSA 3932-1] subversion security update 2017-08-10
Sebastien Delafond (seb debian org)

[SECURITY] [DSA 3933-1] pjproject security update 2017-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY][ANNOUNCE] Apache Subversion 1.9.7 released 2017-08-10
Daniel Shahaf (danielsh apache org)

[SECURITY] [DSA 3929-1] libsoup2.4 security update 2017-08-10
Salvatore Bonaccorso (carnil debian org)

[slackware-security] curl (SSA:2017-221-01) 2017-08-09
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2017-221-02) 2017-08-09
Slackware Security Team (security slackware com)

DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities 2017-08-07
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3927-1] linux security update 2017-08-07
Salvatore Bonaccorso (carnil debian org)

Malware

 

Phishing

Chase

10th August 2017

Account Validation

Hotmailoutlook

10th August 2017

HIGH SECURITY ALERT

Vulnerability

Microsoft Edge CVE-2017-8670 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100070

Microsoft Edge CVE-2017-8674 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100081

Microsoft Edge CVE-2017-8671 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100071

Microsoft Edge CVE-2017-8672 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100072

Microsoft Edge CVE-2017-8656 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100033

Microsoft Edge CVE-2017-8655 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100027

Microsoft Edge CVE-2017-8657 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100035

Microsoft Edge CVE-2017-8659 Scripting Engine Information Disclosure Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100029

Microsoft Edge CVE-2017-8646 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100053

Microsoft Edge CVE-2017-8647 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100054

Microsoft Edge CVE-2017-8645 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100052

Microsoft Edge CVE-2017-8634 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100043

Microsoft Internet Explorer and Edge CVE-2017-8635 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100055

Microsoft Internet Explorer and Edge CVE-2017-0228 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/98164

Microsoft Edge CVE-2017-8638 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100049

Microsoft Edge CVE-2017-8637 Security Bypass Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100045

Microsoft Internet Explorer and Edge CVE-2017-8641 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100057

Microsoft Internet Explorer and Edge CVE-2017-8636 Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100056

Microsoft Edge CVE-2017-8640 Scripting Engine Remote Memory Corruption Vulnerability
2017-08-11
http://www.securityfocus.com/bid/100051

Microsoft Windows HTTP Protocol Stack CVE-2015-1635 Remote Code Execution Vulnerability
2017-08-10
http://www.securityfocus.com/bid/74013

Persistent Systems Radia Client Automation CVE-2015-1497 Remote Code Execution Vulnerability
2017-08-10
http://www.securityfocus.com/bid/72612

HP Client Automation Remote Code Execution and Stack Buffer Overflow Vulnerabilities
2017-08-10
http://www.securityfocus.com/bid/75966

Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability
2017-08-10
http://www.securityfocus.com/bid/31874

Microsoft Internet Information Services CVE-2017-7269 Buffer Overflow Vulnerability
2017-08-10
http://www.securityfocus.com/bid/97127

Oracle Java SE CVE-2017-10081 Remote Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99853

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99846

Oracle Java SE CVE-2017-10105 Remote Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99851

Oracle Java SE and JRockit CVE-2017-10053 Remote Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99842

Oracle Java SE CVE-2017-10125 Local Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99809

Oracle Java SE and JRockit CVE-2017-10243 Remote Security Vulnerability
2017-08-10
http://www.securityfocus.com/bid/99827

SANS News

Maldoc Analysis with ViperMonkey

Threatpost

Patched Flash Player Sandbox Escape Leaked Windows Credentials

Juniper Issues Security Alert Tied to Routers and Switches

High Schooler Nets $10,000 For Google Bug

Exploit

Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure

GIF Collection 2.0 - SQL Injection

ImageBay 1.0 - SQL Injection

WebFile Explorer 1.0 - Arbitrary File Download

10.8.2017

Bugtraq

[SECURITY] [DSA 3929-1] libsoup2.4 security update 2017-08-10
Salvatore Bonaccorso (carnil debian org)

[slackware-security] curl (SSA:2017-221-01) 2017-08-09
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2017-221-02) 2017-08-09
Slackware Security Team (security slackware com)

DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities 2017-08-07
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3927-1] linux security update 2017-08-07
Salvatore Bonaccorso (carnil debian org)

Re: [oss-security] [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() 2017-08-05
Brad Spengler (spender grsecurity net)

Malware

Backdoor.Weasel

Phishing

 

Vulnerability

Drupal Better Field Descriptions Module Cross Site Scripting Vulnerability
2017-08-09
http://www.securityfocus.com/bid/100238

Apache Storm CVE-2017-9799 Remote Code Execution Vulnerability
2017-08-09
http://www.securityfocus.com/bid/100235

Oracle Hospitality Applications CVE-2017-10064 Remote Security Vulnerability
2017-08-09
http://www.securityfocus.com/bid/100229

Microsoft Internet Explorer and Edge CVE-2017-8635 Remote Memory Corruption Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100055

Microsoft Windows Remote Desktop Protocol CVE-2017-8673 Denial of Service Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100079

Microsoft Office SharePoint CVE-2017-8654 Cross Site Scripting Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100064

Red Hat CloudForms Management Engine CVE-2017-7530 Privilege Escalation Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100151

Red Hat CloudForms Management Engine CVE-2017-2664 Privilege Escalation Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100148

Mozilla Firefox CVE-2017-7791 Security Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100240

OpenStack Neutron CVE-2017-7543 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100237

Mozilla Firefox and Firefox ESR Multiple Security Bypass Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100234

Google Android Framework CVE-2017-0712 Privilege Escalation Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100220

Google Android Broadcom Components CVE-2017-0740 Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100217

Google Android Kernel Components Multiple Privilege Escalation Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100215

IBM Maximo Asset Management CVE-2017-1357 Security Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100214

OSIsoft PI Integrator ICSA-17-220-01 Privilege Escalation and Cross Site Scripting Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100212

Fortinet FortiOS CVE-2017-3130 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100211

Google Android Drivers Multiple Security Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100210

Moxa SoftNVR-IA Live Viewer CVE-2017-5170 DLL Loading Local Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100208

SAP SRM Multiple Unspecified Security Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100207

Mozilla Firefox and Firefox ESR Multiple Buffer Overflow Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100206

Fortinet Fortiweb CVE-2017-7737 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100205

Google Android Media Framework Multiple Security Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100204

Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100203

Mozilla Firefox and Firefox ESR Multiple Use After Free Remote Code Execution Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100202

Mozilla Firefox CVE-2017-7779 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100201

Mozilla Firefox CVE-2017-7780 Multiple Memory Corruption Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100199

Mozilla Firefox CVE-2017-7798 XUL Injection Arbitrary Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100198

Mozilla Firefox CVE-2017-7801 Use After Free Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100197

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100196

SANS News

 

Threatpost

SAP Patch Tuesday Update Resolves 19 Flaws, Three High Severity

Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities

Signed Mughthesec Adware Hijacking Macs for Profit

Mozilla Fixes 29 Vulnerabilities in Firefox, Makes Flash Click-To-Activate

Exploit

DALIM SOFTWARE ES Core 5.0 build 7184.1 - User Enumeration

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery

WebFile Explorer 1.0 - Arbitrary File Download

9.8.2017

Bugtraq

 

Malware

 

Phishing

Bank of America

9th August 2017

Re: Account Updated

service@intI.paypaI.com

9th August 2017

REMINDER : YOUR PURCHASE INVOICE HAS BEEN ISSUED -REF #5YJ60743M46734507

Vulnerability

 

SANS News

How are people fooled by this? Email to sign a contract provides malware instead.

Threatpost

Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity

Engineering Firm Leaks Sensitive Data on Dell, SBC and Oracle

Flash Player Marches Toward End, Patches Two Code Execution Bugs in Latest Update

Exploit

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation...

8.8.2017

Bugtraq

DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities 2017-08-07
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3927-1] linux security update 2017-08-07
Salvatore Bonaccorso (carnil debian org)

Re: [oss-security] [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() 2017-08-05
Brad Spengler (spender grsecurity net)

[SECURITY] [DSA 3926-1] chromium-browser security update 2017-08-04
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 3925-1] qemu security update 2017-08-04
Moritz Muehlenhoff (jmm debian org)

Malware

 

Phishing

 

Vulnerability

Microsoft Windows Remote Desktop Protocol CVE-2017-8673 Denial of Service Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100079

Microsoft Office SharePoint CVE-2017-8654 Cross Site Scripting Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100064

Red Hat CloudForms Management Engine CVE-2017-7530 Privilege Escalation Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100151

Red Hat CloudForms Management Engine CVE-2017-2664 Privilege Escalation Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100148

Mozilla Firefox CVE-2017-7800 Use After Free Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100196

Adobe Experience Manager CVE-2017-3108 Arbitrary Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100195

Adobe Digital Editions CVE-2017-11274 Unspecified Buffer Overflow Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100194

Adobe Digital Editions CVE-2017-11272 XML Entity Parsing Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100193

Adobe Experience Manager CVE-2017-3110 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100192

Adobe Flash Player CVE-2017-3085 Unspecified Security Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100191

Adobe Flash Player CVE-2017-3106 Type Confusion Remote Code Execution Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100190

Adobe Acrobat and Reader CVE-2017-3118 Security Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100189

Adobe Experience Manager CVE-2017-3107 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100188

Adobe Acrobat and Reader CVE-2017-3115 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100187

Adobe Acrobat and Reader CVE-2017-11229 Unspecified Security Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100186

Adobe Acrobat and Reader CVE-2017-11232 Information Disclosure Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100185

Adobe Acrobat and Reader APSB17-24 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100184

Adobe Acrobat and Reader APSB17-24 Use-After-Free Multiple Remote Code Execution Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100182

Adobe Acrobat and Reader Type Confusion APSB17-24 Multiple Remote Code Execution Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100181

Adobe Acrobat and Reader APSB17-24 Multiple Heap Buffer Overflow Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100180

Adobe Acrobat and Reader APSB17-24 Multiple Unspecified Memory Corruption Vulnerabilities
2017-08-08
http://www.securityfocus.com/bid/100179

SAP Netweaver ABAP Workbench Tools Authorization Bypass Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100178

SAP NetWeaver K.M. Web Page Composer URI Redirection Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100177

SAP NetWeaver Business Unspecified Cross Site Scripting Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100176

SAP NetWeaver UUID Generation Security Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100175

SAP BusinessObjects Cross-Site Ajax Request Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100174

SAP Adobe Document Services Unspecified Denial of Service Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100173

SAP NetWeaver Logon Application URI Redirection Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100172

Multiple SAP Sybase Products Unspecified Cross Site Request Forgery Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100171

SAP NetWeaver Visual Composer Remote Code Injection Vulnerability
2017-08-08
http://www.securityfocus.com/bid/100170

SANS News

Increase of phpMyAdmin scans

Microsoft Patch Tuesday August 2017

Threatpost

Tech Support Scammers Cast a Wider Net

Lawsuit Alleges Disney Illegally Tracks Children Via Apps

Marcus Hutchins’ Only Certainty is Uncertainty

Exploit

WordPress Plugin Easy Modal 2.0.17 - SQL Injection

Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation...

Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution

WildMIDI 0.4.2 - Multiple Vulnerabilities

7.8.2017

Bugtraq

DefenseCode ThunderScan SAST Advisory: WordPress Easy Modal Plugin Multiple Security Vulnerabilities 2017-08-07
DefenseCode (defensecode defensecode com)

[SECURITY] [DSA 3927-1] linux security update 2017-08-07
Salvatore Bonaccorso (carnil debian org)

Re: [oss-security] [CVE-2017-7533] kernel: inotify: a race between inotify_handle_event() and sys_rename() 2017-08-05
Brad Spengler (spender grsecurity net)

[SECURITY] [DSA 3926-1] chromium-browser security update 2017-08-04
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 3925-1] qemu security update 2017-08-04
Moritz Muehlenhoff (jmm debian org)

SEC Consult SA-20170804-1 :: Ubiquiti Networks UniFi Cloud Key authenticated command injection 2017-08-04
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20170804-0 :: phpBB Server Side Request Forgery (SSRF) vulnerability 2017-08-04
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPESB3P03767 rev.1 - HPE Proliant ML10 Gen9 servers using Intel Xeon E3-1200M v5 and 6th Generation Intel Core Processors, Unauthorized Write to Filesystem 2017-08-04
security-alert hpe com

[SECURITY] [DSA 3924-1] varnish security update 2017-08-02
Salvatore Bonaccorso (carnil debian org)

[slackware-security] gnupg (SSA:2017-213-01) 2017-08-02
Slackware Security Team (security slackware com)

CVE-2017-1500 - Reflected XSS in IBM WorkLight OAuth Server Web Api 2017-08-02
gabriele gristina gmail com

[security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS) 2017-08-01
security-alert hpe com

[security bulletin] HPESBGN03766 rev.1 - HPE Project and Portfolio Management (PPM), Remote Cross-Site Scripting 2017-08-01
security-alert hpe com

Malware

 

Phishing

 

Vulnerability

QEMU CVE-2017-11334 Out of Bounds Read and Write Denial of Service Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99895

QEMU CVE-2017-10806 Stack Buffer Overflow Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99475

QEMU CVE-2017-9524 Denial of Service Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99011

Linux Kernel CVE-2017-1000365 Local Security Bypass Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99156

Linux Kernel CVE-2017-7482 Local Buffer Overflow Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99299

Linux Kernel CVE-2017-10810 Denial of Service Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99433

Linux Kernel 'brcmf_cfg80211_mgmt_tx()' Function Local Memory Corruption Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99955

Linux Kernel CVE-2017-7346 Local Denial of Service Vulnerability
2017-08-07
http://www.securityfocus.com/bid/97257

Linux Kernel 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' Local Information Disclosure Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99095

Xen 'blkif' Response Information Disclosure Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99162

Linux kernel CVE-2017-11176 Local Denial of Service Vulnerability
2017-08-07
http://www.securityfocus.com/bid/99919

Linux Kernel CVE-2017-7533 Local Race Condition Vulnerability
2017-08-07
http://www.securityfocus.com/bid/100123

Libexpat Expat CVE-2017-11742 DLL Loading Remote Code Execution Vulnerability
2017-08-07
http://www.securityfocus.com/bid/100147

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
2017-08-04
http://www.securityfocus.com/bid/57709

Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability
2017-08-04
http://www.securityfocus.com/bid/98818

Apache HTTP Server CVE-2017-3169 Denial of Service Vulnerability
2017-08-04
http://www.securityfocus.com/bid/99134

Apache HTTP Server CVE-2017-7679 Buffer Overflow Vulnerability
2017-08-04
http://www.securityfocus.com/bid/99170

Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability
2017-08-04
http://www.securityfocus.com/bid/99135

Apache HTTP Server CVE-2017-7668 Denial of Service Vulnerability
2017-08-04
http://www.securityfocus.com/bid/99137

ImageMagick CVE-2017-12428 Denial of Service Vulnerability
2017-08-04
http://www.securityfocus.com/bid/100145

Eaton ELCSoft Programming Software Multiple Buffer Overflow Vulnerabilities
2017-08-04
http://www.securityfocus.com/bid/100144

MantisBT CVE-2017-12419 Arbitrary File Read Vulnerability
2017-08-04
http://www.securityfocus.com/bid/100142

Kakadu SDK CVE-2017-2811 Buffer Overflow Vulnerability
2017-08-04
http://www.securityfocus.com/bid/100141

Kakadu SDK CVE-2017-2812 Buffer Overflow Vulnerability
2017-08-04
http://www.securityfocus.com/bid/100140

Continental AG Infineon S-Gold 2 Remote Code Execution and Stack Buffer Overflow Vulnerabilities
2017-08-04
http://www.securityfocus.com/bid/100132

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
2017-08-03
http://www.securityfocus.com/bid/57714

Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
2017-08-03
http://www.securityfocus.com/bid/56081

Apache FOP CVE-2017-5661 XML External Entity Information Disclosure Vulnerability
2017-08-03
http://www.securityfocus.com/bid/97947

Google Android Broadcom components Multiple Security Vulnerabilities
2017-08-03
http://www.securityfocus.com/bid/99482

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
2017-08-03
http://www.securityfocus.com/bid/57727

SANS News

Increase of phpMyAdmin scans

Threatpost

 

Exploit

 

6.8.2017

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

SANS News

Use of the Open Graph Protocol to Disguise Malicious Facebook Links

Threatpost

Tor Developer Busts Myths, Announces New Features

Exploits Available for Siemens Molecular Imaging Vulnerabilities

Attackers Use Typo-Squatting To Steal npm Credentials

Exploit

Microsoft Windows - LNK Shortcut File Code Execution

Linux x86 - /bin/sh Shellcode (24 bytes)