Feed aggregator

Vuln: Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - December 6, 2016 - 12:00am
Broadcom Wifi Driver 'brcmf_cfg80211_start_ap()' Function Stack Buffer Overflow Vulnerability
Categories:

Vuln: Mozilla Firefox Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - December 6, 2016 - 12:00am
Mozilla Firefox Multiple Security Vulnerabilities
Categories:

Vuln: Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - December 6, 2016 - 12:00am
Mozilla Firefox CVE-2016-9079 Use After Free Remote Code Execution Vulnerability
Categories:

Vuln: Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities

Security Focus Latest Security Advisories - December 6, 2016 - 12:00am
Mozilla Firefox CVE-2016-5290 Multiple Unspecified Memory Corruption Vulnerabilities
Categories:

Vuln: Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - December 6, 2016 - 12:00am
Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
Categories:

next-20161206: linux-next

Linux Kernel Updates - December 5, 2016 - 11:18pm
Version:next-20161206 (linux-next) Released:2016-12-06

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used

BugTraq Latest Security Advisories - December 5, 2016 - 7:05am

Posted by Eissing Stefan on Dec 05

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on request headers correctly when experimental module for the HTTP/2
protocol is used to access a resource.

The net result is that a the server...
Categories:

Bugtraq: [security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege

Security Focus Latest Security Advisories - December 5, 2016 - 6:00am
[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege
Categories:

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity

BugTraq Latest Security Advisories - December 5, 2016 - 4:34am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows System Information
MSINFO32.exe v6.1.7601

Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system components, and software...
Categories:

Microsoft Windows Media Center "ehshell.exe" XML External Entity

BugTraq Latest Security Advisories - December 5, 2016 - 4:14am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
==================================
Windows Media Center "ehshell.exe"
version 6.1.7600

Vulnerability Type:
====================
XML External Entity

CVE Reference:...
Categories:

Bugtraq: [security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection

Security Focus Latest Security Advisories - December 5, 2016 - 4:00am
[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection
Categories:

Bugtraq: [security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution

Security Focus Latest Security Advisories - December 5, 2016 - 4:00am
[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution
Categories:

next-20161205: linux-next

Linux Kernel Updates - December 5, 2016 - 12:59am
Version:next-20161205 (linux-next) Released:2016-12-05

Vuln: OpenAFS Directory Information Disclosure Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
OpenAFS Directory Information Disclosure Vulnerability
Categories:

Vuln: Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
Debian Tomcat Package Multiple Local Privilege Escalation Vulnerabilities
Categories:

Vuln: Linux Kernel 'lapic.c' Local Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
Linux Kernel 'lapic.c' Local Denial of Service Vulnerability
Categories:

Vuln: QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
QEMU '/hw/net/mcf_fec.c' Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
OpenSSL CVE-2016-6306 Local Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2016-6308 Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
OpenSSL CVE-2016-6308 Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2016-6307 Denial of Service Vulnerability

Security Focus Latest Security Advisories - December 5, 2016 - 12:00am
OpenSSL CVE-2016-6307 Denial of Service Vulnerability
Categories: