Security News

Vuln: Linux Kernel Multiple Local Memory Corruption Vulnerabilities

Security Focus Vulnerabilities - 7 July, 2016 - 23:00
Linux Kernel Multiple Local Memory Corruption Vulnerabilities

Vuln: WECON LeviStudio Multiple Buffer Overflow Vulnerabilities

Security Focus Vulnerabilities - 7 July, 2016 - 23:00
WECON LeviStudio Multiple Buffer Overflow Vulnerabilities

Vuln: Cisco Video Communication Server and Expressway CVE-2016-1444 Authentication Bypass Vulnerability

Security Focus Vulnerabilities - 7 July, 2016 - 23:00
Cisco Video Communication Server and Expressway CVE-2016-1444 Authentication Bypass Vulnerability

Vuln: Linux Kernel 'usb/core/hub.c' NULL Pointer Dereference Denial of Service Vulnerability

Security Focus Vulnerabilities - 7 July, 2016 - 23:00
Linux Kernel 'usb/core/hub.c' NULL Pointer Dereference Denial of Service Vulnerability

Vuln: Linux Kernel CVE-2016-0723 Local Race Condition Vulnerability

Security Focus Vulnerabilities - 7 July, 2016 - 23:00
Linux Kernel CVE-2016-0723 Local Race Condition Vulnerability

[KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability

Full Disclosure - 7 July, 2016 - 10:56

Posted by Egidio Romano on Jul 07

---------------------------------------------------------------------------
IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://invisionpower.com/

[-] Affected Versions:

Version 4.1.12.3 and prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the...

CODEBLUE.JP - Conference in Tokyo Calling for Papers by Aug.10

Full Disclosure - 7 July, 2016 - 10:04

Posted by CFP on Jul 07

Dear all,

CODE BLUE in Tokyo is looking for innovative and creative research topics
regarding to security to be presented at the conference.

We are calling for U24 submissions while General/Tech submissions.

CODE BLUE is an international conference in Tokyo with the cutting egdes
talks from all over the world, and is a place for all participants to
exchange information and interact beyond borders and languages.

We will support the travel...

Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE-2016-5648)

Full Disclosure - 7 July, 2016 - 10:04

Posted by David Coomber on Jul 07

Acer Portal Android Application - MITM SSL Certificate Vulnerability
(CVE-2016-5648)

Zero-day flaw lets hackers tamper with your car through BMW portal

Full Disclosure - 7 July, 2016 - 10:02

Posted by Vulnerability Lab on Jul 07

Title: Zero-day flaw lets hackers tamper with your car through BMW portal

URL:
http://www.zdnet.com/article/hackers-can-tamper-with-car-registration-through-bmw-connected-car-portal/

CVE-2016-4979: HTTPD webserver - X509 Client certificate based authentication can be bypassed when HTTP/2 is used [vs]

Bug Traq - 7 July, 2016 - 07:05

Posted by Dirk-Willem van Gulik on Jul 07

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

X509 Client certificate based authentication can
be bypassed when HTTP/2 is used

CVE-2016-4979 / CVSS 7.5

The Apache HTTPD web server (from 2.4.18-2.4.20) did not validate a X509
client certificate correctly when experimental module for the HTTP/2
protocol is used to access a resource....

Bugtraq: Micron CMS v5.3 - (cat_id) SQL Injection Vulnerability

Security Focus Vulnerabilities - 7 July, 2016 - 00:40
Micron CMS v5.3 - (cat_id) SQL Injection Vulnerability

Bugtraq: Teampass 2.1.26 - Authenticated File Upload Vulnerability

Security Focus Vulnerabilities - 7 July, 2016 - 00:40
Teampass 2.1.26 - Authenticated File Upload Vulnerability

Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE-2016-5648)

Bug Traq - 7 July, 2016 - 00:37

Posted by David Coomber on Jul 06

Acer Portal Android Application - MITM SSL Certificate Vulnerability
(CVE-2016-5648)

[SECURITY] [DSA 3617-1] horizon security update

Bug Traq - 7 July, 2016 - 00:11

Posted by Moritz Muehlenhoff on Jul 06

-------------------------------------------------------------------------
Debian Security Advisory DSA-3617-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
July 06, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : horizon
CVE ID : CVE-2015-3219 CVE-2016-4428

Two...
Syndicate content