Security News

Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability

Full Disclosure - 16 January, 2017 - 04:42

Posted by Vulnerability Lab on Jan 16

Document Title:
===============
Huawei Flybox B660 - (POST SMS) CSRF Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2026

Release Date:
=============
2017-01-12

Vulnerability Laboratory ID (VL-ID):
====================================
2026

Common Vulnerability Scoring System:
====================================
4.4

Product & Service Introduction:...

[SECURITY] [DSA 3743-2] python-bottle regression update

Bug Traq - 16 January, 2017 - 03:51

Posted by Sebastien Delafond on Jan 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3743-2 security () debian org
https://www.debian.org/security/ Sebastien Delafond
January 15, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-bottle
Debian Bug : 850176

The update for...

Bugtraq: [security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

Security Focus Vulnerabilities - 16 January, 2017 - 03:50
[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

Bugtraq: ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)

Security Focus Vulnerabilities - 16 January, 2017 - 03:50
ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)

Bugtraq: [SECURITY] [DSA 3760-1] ikiwiki security update

Security Focus Vulnerabilities - 16 January, 2017 - 03:50
[SECURITY] [DSA 3760-1] ikiwiki security update

Bugtraq: CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

Security Focus Vulnerabilities - 16 January, 2017 - 03:50
CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

[SECURITY] [DSA 3765-1] icoutils security update

Bug Traq - 16 January, 2017 - 03:45

Posted by Salvatore Bonaccorso on Jan 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3765-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
January 14, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : icoutils
CVE ID : CVE-2017-5331 CVE-2017-5332...

[security bulletin] HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click Jacking

Bug Traq - 16 January, 2017 - 03:36

Posted by security-alert on Jan 16

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05370100
Version: 1

HPSBGN03689 rev.1 - HPE Diagnostics, Remote Cross-Site Scripting and Click
Jacking

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2017-01-13
Last Updated:...

[security bulletin] HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities

Bug Traq - 16 January, 2017 - 03:26

Posted by security-alert on Jan 16

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333297
Version: 2

HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface,
Multiple Remote Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...

[SECURITY] [DSA 3764-1] pdns security update

Bug Traq - 16 January, 2017 - 03:16

Posted by Salvatore Bonaccorso on Jan 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3764-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
January 13, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : pdns
CVE ID : CVE-2016-2120 CVE-2016-7068...

Vuln: PHP 'bzread()' Function Out of Bounds Remote Code Execution Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
PHP 'bzread()' Function Out of Bounds Remote Code Execution Vulnerability

Vuln: Oracle Java SE CVE-2014-6456 Remote Security Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
Oracle Java SE CVE-2014-6456 Remote Security Vulnerability

Vuln: Oracle Java SE CVE-2014-6513 Remote Security Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
Oracle Java SE CVE-2014-6513 Remote Security Vulnerability

Vuln: Oracle Java SE CVE-2014-6468 Local Security Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
Oracle Java SE CVE-2014-6468 Local Security Vulnerability

Vuln: Oracle Java SE CVE-2014-6504 Remote Security Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
Oracle Java SE CVE-2014-6504 Remote Security Vulnerability

Vuln: libxml2 CVE-2015-8806 Denial of Service Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
libxml2 CVE-2015-8806 Denial of Service Vulnerability

Vuln: AttacheCase CVE-2016-7842 Directory Traversal Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
AttacheCase CVE-2016-7842 Directory Traversal Vulnerability

Vuln: GStreamer Good Plug-ins Incomplete Fix CVE-2016-9808 Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
GStreamer Good Plug-ins Incomplete Fix CVE-2016-9808 Buffer Overflow Vulnerability

Vuln: Multiple AttacheCase Products CVE-2016-7843 Directory Traversal Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
Multiple AttacheCase Products CVE-2016-7843 Directory Traversal Vulnerability

Vuln: IBM Kenexa LMS on Cloud CVE-2016-8930 Unspecified SQL-Injection Vulnerability

Security Focus Vulnerabilities - 16 January, 2017 - 00:00
IBM Kenexa LMS on Cloud CVE-2016-8930 Unspecified SQL-Injection Vulnerability
Syndicate content