Feed aggregator

Vuln: Juniper Junos CVE-2017-10602 Local Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - August 14, 2017 - 11:00pm
Juniper Junos CVE-2017-10602 Local Buffer Overflow Vulnerability

Vuln: Adobe Flash Player CVE-2017-3106 Type Confusion Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - August 14, 2017 - 11:00pm
Adobe Flash Player CVE-2017-3106 Type Confusion Remote Code Execution Vulnerability

Vuln: Adobe Flash Player CVE-2017-3085 Unspecified Security Bypass Vulnerability

Security Focus Latest Security Advisories - August 14, 2017 - 11:00pm
Adobe Flash Player CVE-2017-3085 Unspecified Security Bypass Vulnerability

Vuln: Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability

Security Focus Latest Security Advisories - August 14, 2017 - 11:00pm
Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability

CVE-2017-9802: Apache Sling XSS vulnerability

BugTraq Latest Security Advisories - August 14, 2017 - 7:25am

Posted by Robert Munteanu on Aug 14

CVE-2017-9802: Apache Sling XSS vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Sling Servlets Post 2.3.20

Description:
The JavaScript method Sling.evalString() uses the JavaScript `eval`
function to parse input strings, which allows for XSS attacks by
passing specially crafted input strings.

Mitigation:
Users should upgrade to version 2.3.22 or later of the Sling Servlets
Post bundle....

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability

BugTraq Latest Security Advisories - August 14, 2017 - 7:11am

Posted by x62x65x6e on Aug 14

# Vulnerability type: Multiple Stored Cross Site Scripting
# Vendor: Quali
# Product: CloudShell
# Affected version: v7.1.0.6508 (Patch 6)
# Patched version: v8 and up
# Credit: Benjamin Lee
# CVE ID: CVE-2017-9767

==========================================================

# Overview
Quali CloudShell (v7.1.0.6508 Patch 6) is vulnerable to multiple stored XSS vulnerabilities on its platform; this can be
exploited to execute arbitrary HTML and...

Bugtraq: [slackware-security] mercurial (SSA:2017-223-03)

Security Focus Latest Security Advisories - August 14, 2017 - 6:00am
[slackware-security] mercurial (SSA:2017-223-03)

Bugtraq: [SECURITY] [DSA 3936-1] postgresql-9.6 security update

Security Focus Latest Security Advisories - August 14, 2017 - 6:00am
[SECURITY] [DSA 3936-1] postgresql-9.6 security update

[SECURITY] [DSA 3940-1] iortcw security update

BugTraq Latest Security Advisories - August 14, 2017 - 3:49am

Posted by Moritz Muehlenhoff on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-3940-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 13, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iortcw
CVE ID : CVE-2017-11721

A read buffer...

[slackware-security] mercurial (SSA:2017-223-03)

BugTraq Latest Security Advisories - August 14, 2017 - 3:35am

Posted by Slackware Security Team on Aug 14

[slackware-security] mercurial (SSA:2017-223-03)

New mercurial packages are available for Slackware 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mercurial-4.3.1-i586-1_slack14.2.txz: Upgraded.
Fixes security issues:
Mercurial's symlink auditing was incomplete prior to 4.3, and could
be abused to write to files outside the...

[SECURITY] [DSA 3937-1] zabbix security update

BugTraq Latest Security Advisories - August 14, 2017 - 3:21am

Posted by Moritz Muehlenhoff on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-3937-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 12, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : zabbix
CVE ID : CVE-2017-2824 CVE-2017-2825

Lilith...

Bugtraq: [SECURITY] [DSA 3935-1] postgresql-9.4 security update

Security Focus Latest Security Advisories - August 14, 2017 - 3:00am
[SECURITY] [DSA 3935-1] postgresql-9.4 security update

Bugtraq: [security bulletin] HPESB3P03762 rev.1 - HPE C Switch Software using Cisco Prime Data Center Network Manager (DCNM), Remote Code Execution

Security Focus Latest Security Advisories - August 14, 2017 - 3:00am
[security bulletin] HPESB3P03762 rev.1 - HPE C Switch Software using Cisco Prime Data Center Network Manager (DCNM), Remote Code Execution

Bugtraq: [ANN] Apache Struts: S2-049 Security Bulletin update

Security Focus Latest Security Advisories - August 14, 2017 - 3:00am
[ANN] Apache Struts: S2-049 Security Bulletin update

Vuln: Oracle Java SE CVE-2013-2451 Local Security Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Oracle Java SE CVE-2013-2451 Local Security Vulnerability

Vuln: Oracle Java SE CVE-2013-2452 Remote Security Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Oracle Java SE CVE-2013-2452 Remote Security Vulnerability

Vuln: Oracle Java SE CVE-2013-2450 Remote Security Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Oracle Java SE CVE-2013-2450 Remote Security Vulnerability

Vuln: Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability

Vuln: Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Apache Subversion CVE-2017-9800 Remote Command Execution Vulnerability

Vuln: Oracle Java SE CVE-2017-10078 Remote Security Vulnerability

Security Focus Latest Security Advisories - August 13, 2017 - 11:00pm
Oracle Java SE CVE-2017-10078 Remote Security Vulnerability