Security News

Vuln: Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Multiple IBM Products CVE-2016-0285 HTML Injection Vulnerability

Vuln: Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Cybozu Kintone App CVE-2016-7816 SSL Certificate Validation Security Bypass Vulnerability

Vuln: InPage '.inp' File Parser Remote Code Execution Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
InPage '.inp' File Parser Remote Code Execution Vulnerability

Vuln: Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Linux Kernel CVE-2016-7042 Local Denial of Service Vulnerability

Vuln: Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Linux Kernel CVE-2016-6130 Local Information Disclosure Vulnerability

Vuln: Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Linux Kernel CVE-2016-8666 Stack Overflow Denial of Service Vulnerability

Vuln: ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
ICU CVE-2016-6293 Out of Bounds Read Denial of Service Vulnerability

Vuln: International Components for Unicode CVE-2016-7415 Stack Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
International Components for Unicode CVE-2016-7415 Stack Buffer Overflow Vulnerability

Vuln: IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
IBM Security Privileged Identity Manager CVE-2016-0353 Information Disclosure Vulnerability

Vuln: Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Multiple IBM Products CVE-2016-0325 Remote Command Injection Vulnerability

Vuln: Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Multiple IBM Products CVE-2016-2864 Cross Site Scripting Vulnerability

Vuln: GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
GStreamer Good Plug-ins Multiple Buffer Overflow Vulnerabilities

Vuln: ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
ImageMagick 'coders/tiff.c' Memory Corruption Vulnerability

Vuln: Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Linux Kernel 'tcp_xmit_retransmit_queue()' Function Use After Free Denial of Service Vulnerability

Vuln: Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability

Security Focus Vulnerabilities - 28 November, 2016 - 00:00
Linux Kernel 'Ack Challenge' Information Disclosure Vulnerability

Vuln: CakePHP Multiple Security Bypass Vulnerabilities

Security Focus Vulnerabilities - 27 November, 2016 - 00:00
CakePHP Multiple Security Bypass Vulnerabilities

UCanCode multiple vulnerabilities

Full Disclosure - 25 November, 2016 - 05:26

Posted by Carlo Di Dato on Nov 25

http://shinnai.altervista.org/exploits/SH-0025-20161123.html

---------------------------------------------------------------------
UCanCode multiple vulnerabilities

Url: http://www.hmi-software.com/
http://www.ucancode.net/index.htm
http://www.ucancode.net/bbs/zhuce/login.htm

Description: From vendor's web page "UCanCode Software is a Market
Leading provider of HMI & SCADA, CAD, UML, GIS, Vector Graphics...

NEW VMSA-2016-0021 VMware product updates address partial information disclosure vulnerability

Full Disclosure - 25 November, 2016 - 05:26

Posted by VMware Security Response Center on Nov 25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------------
- -
VMware Security Advisory

Advisory ID: VMSA-2016-0021
Severity: Moderate
Synopsis: VMware product updates address partial information disclosure
vulnerability
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-5334

1. Summary...

NEW VMSA-2016-0022 VMware product updates address information disclosure vulnerabilities

Full Disclosure - 25 November, 2016 - 05:25

Posted by VMware Security Response Center on Nov 25

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------------
- ---
VMware Security Advisory

Advisory ID: VMSA-2016-0022
Severity: Important
Synopsis: VMware product updates address information disclosure
vulnerabilities
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-7458, CVE-2016-7459,...

[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310)

Full Disclosure - 25 November, 2016 - 05:23

Posted by Matthias Deeg on Nov 25

Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution Status: Open
Manufacturer Notification: 2016-10-05
Solution Date: -
Public Disclosure: 2016-11-23
CVE Reference: Not yet assigned
Author of Advisory: Gerhard Klostermeier (SySS GmbH)...