Security News

Vuln: Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability

Security Focus Vulnerabilities - 17 January, 2017 - 00:00
Apache HTTP Server CVE-2016-5387 Security Bypass Vulnerability

Vuln: OpenSSH CVE-2016-1907 Denial of Service Vulnerability

Security Focus Vulnerabilities - 17 January, 2017 - 00:00
OpenSSH CVE-2016-1907 Denial of Service Vulnerability

Vuln: Linux Kernel CVE-2015-5307 Denial of Service Vulnerability

Security Focus Vulnerabilities - 17 January, 2017 - 00:00
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability

Vuln: Oracle Java SE CVE-2016-5573 Remote Security Vulnerability

Security Focus Vulnerabilities - 17 January, 2017 - 00:00
Oracle Java SE CVE-2016-5573 Remote Security Vulnerability

Bugtraq: [SECURITY] CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue

Security Focus Vulnerabilities - 6 min 27 sec ago
[SECURITY] CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue

Bugtraq: [SECURITY] [DSA 3743-2] python-bottle regression update

Security Focus Vulnerabilities - 6 min 27 sec ago
[SECURITY] [DSA 3743-2] python-bottle regression update

Bugtraq: [SECURITY] [DSA 3765-1] icoutils security update

Security Focus Vulnerabilities - 6 min 27 sec ago
[SECURITY] [DSA 3765-1] icoutils security update

Bugtraq: [security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking

Security Focus Vulnerabilities - 6 min 27 sec ago
[security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking

Bugtraq: [security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities

Security Focus Vulnerabilities - 5 hours 21 min ago
[security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities

[SECURITY] CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue

Bug Traq - 5 hours 39 min ago

Posted by Joe Witt on Jan 16

CVE-2016-8748: Apache NiFi XSS vulnerability in connection details dialogue

Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected:
Apache NiFi 1.0.0
Apache NiFi 1.1.0

Description: There is a cross-site scripting vulnerability in
connection details dialog when accessed by an authorized user. The
user-supplied text was not properly handled when added to the DOM.

Mitigation:
1.0.0 users should upgrade to 1.0.1 or 1.1.1....

Apple (iTunes Notify) - Filter Bypass & Persistent Web Vulnerability

Full Disclosure - 15 hours 3 min ago

Posted by Vulnerability Lab on Jan 16

Document Title:
===============
Apple (iTunes Notify) - Bypass & Persistent Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2024

Followup ID: 654962036

Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2016/12/22/apple-ios-102-notify-function-vulnerable-attacks-idevice-itunes-appstore

Release Date:
=============
2017-01-16

Vulnerability Laboratory ID...

Salesforce (Event Registration) - Persistent Vulnerability

Full Disclosure - 15 hours 26 min ago

Posted by Vulnerability Lab on Jan 16

Document Title:
===============
Salesforce (Event Registration) - Persistent Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1991

Release Date:
=============
2017-01-11

Vulnerability Laboratory ID (VL-ID):
====================================
1991

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...

Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability

Full Disclosure - 15 hours 29 min ago

Posted by Vulnerability Lab on Jan 16

Document Title:
===============
Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2026

Release Date:
=============
2017-01-12

Vulnerability Laboratory ID (VL-ID):
====================================
2026

Common Vulnerability Scoring System:
====================================
4.4

Product & Service Introduction:...

[SECURITY] [DSA 3743-2] python-bottle regression update

Bug Traq - 16 hours 19 min ago

Posted by Sebastien Delafond on Jan 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3743-2 security () debian org
https://www.debian.org/security/ Sebastien Delafond
January 15, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-bottle
Debian Bug : 850176

The update for...

Bugtraq: [security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

Security Focus Vulnerabilities - 16 hours 21 min ago
[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

Bugtraq: ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)

Security Focus Vulnerabilities - 16 hours 21 min ago
ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)

Bugtraq: [SECURITY] [DSA 3760-1] ikiwiki security update

Security Focus Vulnerabilities - 16 hours 21 min ago
[SECURITY] [DSA 3760-1] ikiwiki security update

Bugtraq: CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

Security Focus Vulnerabilities - 16 hours 21 min ago
CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

[SECURITY] [DSA 3765-1] icoutils security update

Bug Traq - 16 hours 26 min ago

Posted by Salvatore Bonaccorso on Jan 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3765-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
January 14, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : icoutils
CVE ID : CVE-2017-5331 CVE-2017-5332...