Feed aggregator

Vuln: Trend Micro InterScan Messaging Security Virtual Appliance Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Adaptive Security Appliance (ASA) Software CVE-2017-6608 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco ASA Software CVE-2017-6609 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco ASA Software CVE-2017-6610 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco IOS and IOS XE Software Multiple Denial of Service Vulnerabilities

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Adaptive Security Appliance (ASA) Software CVE-2017-6607 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco IOS XE Software CVE-2017-6615 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Prime Infrastructure CVE-2017-6611 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Integrated Management Controller CVE-2017-6618 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco FindIT Network Probe CVE-2017-6614 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Integrated Management Controller CVE-2017-6619 Remote Command Execution Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco ASA Software and FTD Software CVE-2017-3793 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: Cisco Unified Communications Manager CVE-2017-3808 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: VMware Workstation and Horizon Client CVE-2017-4913 Integer Overflow Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: VMware Workstation and Horizon View Client CVE-2017-4912 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: IBM Cognos TM1 CVE-2016-3036 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

Vuln: OpenSSL CVE-2016-6307 Denial of Service Vulnerability

Security Focus Latest Security Advisories - April 19, 2017 - 11:00pm

DefenseCode ThunderScan SAST Advisory: Ultimate Form Builder Cross-Site Scripting (XSS) Vulnerability

BugTraq Latest Security Advisories - April 19, 2017 - 9:23am

Posted by DefenseCode on Apr 19

DefenseCode ThunderScan SAST Advisory
Ultimate Form Builder
Cross-Site Scripting (XSS) Vulnerability

Advisory ID: DC-2017-01-027
Software: Ultimate Form Builder WordPress plugin
Software Language: PHP
Version: Various
Vendor Status: Vendor contacted
Release Date: 20170419
Risk: Medium

# Advisory Overview

During the security audit, a security vulnerability was discovered in
Ultimate Form Builder...

CVE-2017-7220. OpenText Documentum Content Server: privilege evaluation using crafted RPC save-commands.

BugTraq Latest Security Advisories - April 19, 2017 - 9:11am

Posted by Andrey B. Panfilov on Apr 19

CVE Identifier: CVE-2017-7220
Vendor: OpenText
Affected products: OpenText Documentum Content Server (all versions)
Researcher: Andrey B. Panfilov
Severity Rating: CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Fix: not available
PoC:

https://gist.github.com/andreybpanfilov/d8792484e13971982c0719ae59ab8c7c
https://gist.github.com/andreybpanfilov/e0e60ae9d525a34cca04eb4c89a21e04

Description:

Initially this vulnerability was...

CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution

BugTraq Latest Security Advisories - April 19, 2017 - 8:58am

Posted by Filippo Cavallarin on Apr 19

Advisory ID: SGMA17-001
Title: Squirrelmail Remote Code Execution
Product: Squirrelmail
Version: 1.4.22 and probably prior
Vendor: squirrelmail.org
Type: Command Injection
Risk level: 4 / 5
Credit: filippo.cavallarin () wearesegment com
CVE: CVE-2017-7692
Vendor notification: 2017-04-04
Vendor fix: N/A...