Feed aggregator

Vuln: Drupal Core CVE-2017-6920 Remote Code Execution Vulnerability

Drupal Core CVE-2017-6920 Remote Code Execution Vulnerability
Categories:

Vuln: Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerability

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerability
Categories:

Vuln: JasPer 'jp2_dec.c' Remote Heap Buffer Overflow Vulnerability

JasPer 'jp2_dec.c' Remote Heap Buffer Overflow Vulnerability
Categories:

Vuln: zlib Multiple Denial of Service Vulnerabilities

zlib Multiple Denial of Service Vulnerabilities
Categories:

next-20170621: linux-next

Linux Kernel Updates - June 21, 2017 - 3:05am
Version:next-20170621 (linux-next) Released:2017-06-21

Vuln: Mozilla Network Security Services CVE-2017-7502 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
Mozilla Network Security Services CVE-2017-7502 Denial of Service Vulnerability
Categories:

Vuln: Linux Kernel CVE-2017-8890 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
Linux Kernel CVE-2017-8890 Denial of Service Vulnerability
Categories:

Vuln: Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
Linux kernel CVE-2017-7308 Local Denial of Service Vulnerability
Categories:

Vuln: Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
Categories:

Vuln: OpenBSD CVE-2017-1000373 Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
OpenBSD CVE-2017-1000373 Denial of Service Vulnerability
Categories:

Vuln: JasPer Null Pointer Dereference Denial of Service Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
JasPer Null Pointer Dereference Denial of Service Vulnerability
Categories:

Vuln: EMC VASA Provider Virtual Appliance CVE-2017-4997 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - June 20, 2017 - 11:00pm
EMC VASA Provider Virtual Appliance CVE-2017-4997 Remote Code Execution Vulnerability
Categories:

ESA-2017-053: EMC Isilon OneFS Privilege Escalation Vulnerability

BugTraq Latest Security Advisories - June 20, 2017 - 1:05pm

Posted by EMC Product Security Response Center on Jun 20

ESA-2017-053: EMC Isilon OneFS Privilege Escalation Vulnerability

EMC Identifier: ESA-2017-053

CVE Identifier: CVE-2017-4988

Severity Rating: CVSS v3 Base Score:
Base Score=> 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected products:
• EMC Isilon OneFS 8.0.1.0
• EMC Isilon OneFS 8.0.0 - 8.0.0.3
• EMC Isilon OneFS 7.2.0 - 7.2.1.4
• EMC Isilon OneFS 7.1.x

Summary:
EMC Isilon OneFS is affected by a...
Categories:

Bugtraq: [SECURITY] [DSA 3886-1] linux security update

[SECURITY] [DSA 3886-1] linux security update
Categories:

ESA-2017-054: EMC Avamar Multiple Vulnerabilities

BugTraq Latest Security Advisories - June 20, 2017 - 12:47pm

Posted by EMC Product Security Response Center on Jun 20

ESA-2017-054: EMC Avamar Multiple Vulnerabilities

EMC Identifier: ESA-2017-054
CVE Identifiers:
CVE-2017-4989, CVE-2017-4990

Affected products:
• EMC Avamar Server Software 7.4.1-58, 7.4.0-242 (CVE-2017-4990)
• EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226 (CVE-2017-4989, CVE-2017-4990)
• EMC Avamar Server Software 7.2.1-32, 7.2.1-31, 7.2.0-401 (CVE-2017-4989)
Severity Rating: See below for individual scores...
Categories:

Bugtraq: [SECURITY] [DSA 3887-1] glibc security update

Security Focus Latest Security Advisories - June 20, 2017 - 11:00am
[SECURITY] [DSA 3887-1] glibc security update
Categories:

CVE-2017-3167: Apache httpd 2.x ap_get_basic_auth_pw authentication bypass

BugTraq Latest Security Advisories - June 20, 2017 - 6:41am

Posted by Jacob Champion on Jun 20

CVE-2017-3167: ap_get_basic_auth_pw authentication bypass

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.2.0 to 2.2.32
httpd 2.4.0 to 2.4.25

Description:
Use of the ap_get_basic_auth_pw() by third-party modules outside of the
authentication phase may lead to authentication requirements being
bypassed.

Mitigation:
2.2.x users should either apply the patch available at...
Categories:

Bugtraq: [security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution

[security bulletin] HPESBGN03758 rev.2 - HPE UCMDB, Remote Code Execution
Categories:

next-20170620: linux-next

Linux Kernel Updates - June 20, 2017 - 12:58am
Version:next-20170620 (linux-next) Released:2017-06-20

Vuln: IBM Java SDK CVE-2017-1289 XML External Entity Injection Vulnerability

Security Focus Latest Security Advisories - June 19, 2017 - 11:00pm
IBM Java SDK CVE-2017-1289 XML External Entity Injection Vulnerability
Categories: