Feed aggregator

Vuln: Atlassian Bamboo CVE-2017-14590 Remote Code Execution Vulnerability


Vuln: Microsoft Windows Kernel CVE-2017-11831 Local Information Disclosure Vulnerability


Vuln: Microsoft Windows Kernel CVE-2017-11849 Local Information Disclosure Vulnerability


Vuln: Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability


Vuln: Microsoft Windows Graphics Component CVE-2017-11850 Local Information Disclosure Vulnerability


Vuln: Microsoft Office CVE-2017-11876 Cross Site Request Forgery Vulnerability


Vuln: Microsoft Windows GDI Component CVE-2017-11852 Local Information Disclosure Vulnerability


Vuln: SAP NetWeaver Knowledge Management XMLForms Unspecified Cross Site Scripting Vulnerability


Vuln: Mozilla Firefox Prior to 57 Multiple Security Vulnerabilities


Vuln: Microsoft Edge CVE-2017-11833 Information Disclosure Vulnerability


Vuln: Microsoft Word CVE-2017-11854 Memory Corruption Vulnerability


Vuln: Adobe Photoshop CC 2017 APSB17-34 Multiple Remote Code Execution Vulnerabilities


Bugtraq: [SECURITY] [DSA 4064-1] chromium-browser security update

Security Focus Latest Security Advisories - December 14, 2017 - 11:00pm

Bugtraq: Advisory - Fisheye and Crucible - CVE-2017-14591

Security Focus Latest Security Advisories - December 14, 2017 - 11:00pm

APPLE-SA-2017-12-13-1 iOS 11.2.1

BugTraq Latest Security Advisories - December 14, 2017 - 10:35pm

Posted by Apple Product Security on Dec 14

APPLE-SA-2017-12-13-1 iOS 11.2.1

iOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: A message handling issue was addressed with improved
input validation.
CVE-2017-13903: Tian Zhang

Installation note:

This update is available through iTunes and Software...

APPLE-SA-2017-12-13-2 tvOS 11.2.1

BugTraq Latest Security Advisories - December 14, 2017 - 10:29pm

Posted by Apple Product Security on Dec 14

APPLE-SA-2017-12-13-2 tvOS 11.2.1

tvOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: A message handling issue was addressed with improved
input validation.
CVE-2017-13903: Tian Zhang

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may...

AST-2017-012: Remote Crash Vulnerability in RTCP Stack

BugTraq Latest Security Advisories - December 14, 2017 - 10:22pm

Posted by Asterisk Security Team on Dec 14

Asterisk Project Security Advisory - AST-2017-012

Product: Asterisk
Summary: Remote Crash Vulnerability in RTCP Stack
Nature of Advisory: Denial of Service
Susceptibility: Remote Unauthenticated Sessions
Severity: Moderate...

next-20171215: linux-next

Linux Kernel Updates - December 14, 2017 - 10:19pm
Version: next-20171215 (linux-next) Released: 2017-12-15

APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2

BugTraq Latest Security Advisories - December 14, 2017 - 10:15pm

Posted by Apple Product Security on Dec 14

APPLE-SA-2017-12-13-7 Additional information for
APPLE-SA-2017-12-6-4 tvOS 11.2

tvOS 11.2 addresses the following:

IOSurface
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13861: Ian Beer of Google Project Zero

Kernel
Available for: Apple TV 4K and Apple TV...

ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524

BugTraq Latest Security Advisories - December 14, 2017 - 10:09pm

Posted by tim . kretschmann on Dec 14

1. ADVISORY SUMMARY

Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP
POST data

Risk: high

Application: Kemp Load Balancers - Module Application Firewall Pack (AFP)
Versions Affected: 7.1.30 (Nov 2015) to 7.2.40 (Oct 2017) // Older versions are probably affected too, but they were
not checked
Vendor: KEMP Technologies
Vendor URL: https://kemptechnologies.com/

Sent to...