Feed aggregator

Vuln: Google Nexus NVIDIA Video Driver Multiple Local Privilege Escalation Vulnerabilities

Google Nexus NVIDIA Video Driver Multiple Local Privilege Escalation Vulnerabilities
Categories:

Vuln: Joomla! Core CVE-2016-9836 Arbitrary File Upload Vulnerability

Joomla! Core CVE-2016-9836 Arbitrary File Upload Vulnerability
Categories:

Vuln: McAfee Application Control and Endpoint Security CVE-2016-8010 Local Security Bypass Vulnerability

McAfee Application Control and Endpoint Security CVE-2016-8010 Local Security Bypass Vulnerability
Categories:

Vuln: NetApp Plug-in for Symantec NetBackup CVE-2016-7171 Security Bypass Vulnerability

NetApp Plug-in for Symantec NetBackup CVE-2016-7171 Security Bypass Vulnerability
Categories:

Vuln: SPIP CVE-2016-9152 Cross Site Scripting Vulnerability

SPIP CVE-2016-9152 Cross Site Scripting Vulnerability
Categories:

Vuln: Mozilla Firefox CVE-2016-9065 Location Bar Spoofing Vulnerability

Mozilla Firefox CVE-2016-9065 Location Bar Spoofing Vulnerability
Categories:

Vuln: Mozilla Network Security Services CVE-2016-9074 Multiple Security Bypass Vulnerabilities

Mozilla Network Security Services CVE-2016-9074 Multiple Security Bypass Vulnerabilities
Categories:

Vuln: Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability

Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
Categories:

Vuln: Mozilla Firefox Multiple Security Vulnerabilities

Mozilla Firefox Multiple Security Vulnerabilities
Categories:

Vuln: Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability

Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
Categories:

Vuln: Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities

Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
Categories:

next-20161206: linux-next

Linux Kernel Updates - December 5, 2016 - 11:18pm
Version:next-20161206 (linux-next) Released:2016-12-06

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used

BugTraq Latest Security Advisories - December 5, 2016 - 7:05am

Posted by Eissing Stefan on Dec 05

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on request headers correctly when experimental module for the HTTP/2
protocol is used to access a resource.

The net result is that a the server...
Categories:

Bugtraq: [security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege

Security Focus Latest Security Advisories - December 5, 2016 - 6:00am
[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege
Categories:

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity

BugTraq Latest Security Advisories - December 5, 2016 - 4:34am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows System Information
MSINFO32.exe v6.1.7601

Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system components, and software...
Categories:

Microsoft Windows Media Center "ehshell.exe" XML External Entity

BugTraq Latest Security Advisories - December 5, 2016 - 4:14am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
==================================
Windows Media Center "ehshell.exe"
version 6.1.7600

Vulnerability Type:
====================
XML External Entity

CVE Reference:...
Categories:

Bugtraq: [security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection

Security Focus Latest Security Advisories - December 5, 2016 - 4:00am
[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection
Categories:

Bugtraq: [security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution

Security Focus Latest Security Advisories - December 5, 2016 - 4:00am
[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution
Categories:

next-20161205: linux-next

Linux Kernel Updates - December 5, 2016 - 12:59am
Version:next-20161205 (linux-next) Released:2016-12-05

Vuln: OpenAFS Directory Information Disclosure Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
OpenAFS Directory Information Disclosure Vulnerability
Categories: