Feed aggregator

Vuln: Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability

Oracle Java SE and JRockit CVE-2017-10108 Remote Security Vulnerability

Vuln: Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability

Linux kernel 'net/ipx/af_ipx.c' Use After Free Local Denial of Service Vulnerability

Vuln: Linux Kernel CVE-2017-7346 Local Denial of Service Vulnerability

Linux Kernel CVE-2017-7346 Local Denial of Service Vulnerability

Vuln: Google Android Qualcomm Components Multiple Information Disclosure Vulnerabilities

Google Android Qualcomm Components Multiple Information Disclosure Vulnerabilities

Vuln: Linux Kernel 'sound/core/timer.c' Local Information Disclosure Vulnerability

Linux Kernel 'sound/core/timer.c' Local Information Disclosure Vulnerability

Vuln: Linux Kernel CVE-2017-9150 Local Information Disclosure Vulnerability

Linux Kernel CVE-2017-9150 Local Information Disclosure Vulnerability

Vuln: Mozilla Firefox Multiple Security Vulnerabilities

Mozilla Firefox Multiple Security Vulnerabilities

Vuln: Mozilla Firefox CVE-2017-5472 Use After Free Denial of Service Vulnerability

Mozilla Firefox CVE-2017-5472 Use After Free Denial of Service Vulnerability

Vuln: Mozilla Firefox CVE-2017-5470 Multiple Unspecified Memory Corruption Vulnerabilities

Mozilla Firefox CVE-2017-5470 Multiple Unspecified Memory Corruption Vulnerabilities

[slackware-security] tcpdump (SSA:2017-205-01)

BugTraq Latest Security Advisories - July 25, 2017 - 2:26am

Posted by Slackware Security Team on Jul 25

[slackware-security] tcpdump (SSA:2017-205-01)

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/tcpdump-4.9.1-i586-1_slack14.2.txz: Upgraded.
This update fixes an issue where tcpdump 4.9.0 allows remote attackers
to cause a denial of service (heap-based buffer over-read and...

SEC Consult SA-20170724-0 :: Cross-Site Scripting (XSS) issue in multiple Ubiquiti Networks products

BugTraq Latest Security Advisories - July 25, 2017 - 2:16am

Posted by SEC Consult Vulnerability Lab on Jul 25

SEC Consult Vulnerability Lab Security Advisory < 20170724-0 >
=======================================================================
title: Cross-Site Scripting (XSS)
product: Ubiquiti Networks EP-R6, ER-X, ER-X-SFP
vulnerable version: Firmware v1.9.1
fixed version: Firmware v1.9.1.1
CVE number:
impact: Medium
homepage: https://www.ubnt.com
found: 2017-04-04...

SEC Consult SA-20170724-1 :: Open Redirect issue in multiple Ubiquiti Networks products

BugTraq Latest Security Advisories - July 25, 2017 - 2:03am

Posted by SEC Consult Vulnerability Lab on Jul 25

SEC Consult Vulnerability Lab Security Advisory < 20170724-1 >
=======================================================================
title: Open Redirect in Login Page
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16,
AG-HP-2G20, AG-HP-5G23, AG-HP-5G27, AirGrid M,
AirGrid M2, AirGrid M5, AR, AR-HP,...

Bugtraq: [RT-SA-2017-009] Remote Command Execution as root in REDDOXX Appliance

[RT-SA-2017-009] Remote Command Execution as root in REDDOXX Appliance

Bugtraq: [RT-SA-2017-006] Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance

[RT-SA-2017-006] Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance

Bugtraq: [RT-SA-2017-007] Undocumented Administrative Service Account in REDDOXX Appliance

[RT-SA-2017-007] Undocumented Administrative Service Account in REDDOXX Appliance

next-20170725: linux-next

Linux Kernel Updates - July 24, 2017 - 11:51pm
Version: next-20170725 (linux-next) Released: 2017-07-25

Vuln: Linux Kernel CVE-2016-8632 Local Heap Overflow Vulnerability

Security Focus Latest Security Advisories - July 24, 2017 - 11:00pm
Linux Kernel CVE-2016-8632 Local Heap Overflow Vulnerability

Vuln: Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 24, 2017 - 11:00pm
Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Vuln: Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 24, 2017 - 11:00pm
Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability

Vuln: Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 24, 2017 - 11:00pm
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability