Security News

ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability

Bugtraq - 18 January, 2017 - 10:59

Posted by EMC Product Security Response Center on Jan 18

ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability

EMC Identifier: ESA-2016-161

CVE Identifier: CVE-2016-9870

Severity Rating: CVSS v3 Base Score: 6.0 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)

Affected products:
• EMC Isilon OneFS 8.0.0.0
• EMC Isilon OneFS 7.2.1.0 - 7.2.1.2
• EMC Isilon OneFS 7.2.0.x
• EMC Isilon OneFS 7.1.1.0 - 7.1.1.10
• EMC Isilon...

ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability

Bugtraq - 18 January, 2017 - 10:49

Posted by EMC Product Security Response Center on Jan 18

ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2016-143
CVE Identifier: CVE-2016-8213
Severity Rating: CVSS v3 Base Score: 6.5 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)

Affected products:
• EMC Documentum Webtop –
  o Version 6.8, prior to P18
  o Version 6.8.1, prior to P06
• EMC Documentum TaskSpace version 6.7SP3, prior to P02
• EMC Documentum Capital...

Bugtraq: [SECURITY] [DSA 3765-1] icoutils security update

Security Focus Vulnerabilities - 18 January, 2017 - 10:15
[SECURITY] [DSA 3765-1] icoutils security update

Bugtraq: [security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking

Security Focus Vulnerabilities - 18 January, 2017 - 10:15
[security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking

Announce Keypatch v2.1, a better assembler for IDA Pro!

Full Disclosure - 18 January, 2017 - 08:50

Posted by Nguyen Anh Quynh on Jan 18

Greetings,

We are happy to release Keypatch v2.1, the open-source award-winning
assembler tool for IDA Pro!

Based on Keystone engine, this new version of Keypatch brings some
important features, as follows.

- Added a new function to search for assembly instructions, so it is easy
to grep for ROP gadgets in the binary. This will be helpful for
exploitation writers.
- Removed the "Assembler" function, which is redundant since now you...

Vuln: Citrix Provisioning Services Remote Code Execution and Information Disclosure Vulnerabilities

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Citrix Provisioning Services Remote Code Execution and Information Disclosure Vulnerabilities

Vuln: GeniXCMS CVE-2017-5516 Multiple Cross Site Scripting Vulnerabilities

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
GeniXCMS CVE-2017-5516 Multiple Cross Site Scripting Vulnerabilities

Vuln: Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability

Vuln: Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Apache Tomcat CVE-2015-5351 Cross Site Request Forgery Vulnerability

Vuln: Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Apache Tomcat CVE-2016-0763 Security Bypass Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3277 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3277 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3287 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3287 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3285 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3285 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3279 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3279 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3284 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3284 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3443 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3443 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3326 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3326 Remote Security Vulnerability

Vuln: Oracle E-Business Suite CVE-2017-3328 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle E-Business Suite CVE-2017-3328 Remote Security Vulnerability

Vuln: RETIRED: Oracle Java SE CVE-2016-2183 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
RETIRED: Oracle Java SE CVE-2016-2183 Remote Security Vulnerability

Vuln: Oracle Commerce Platform CVE-2017-3296 Remote Security Vulnerability

Security Focus Vulnerabilities - 18 January, 2017 - 00:00
Oracle Commerce Platform CVE-2017-3296 Remote Security Vulnerability