Feed aggregator

[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues

BugTraq Latest Security Advisories - November 30, 2016 - 12:59pm

Posted by FOXMOLE Advisories on Nov 30

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============
Vulnerability Type: Multiple Vulnerabilities
Technical Risk: medium
Likelihood of Exploitation: medium
Vendor: e107
Vendor URL: http://www.e107.org
Credits: FOXMOLE employee Tim Herres
Advisory URL:...

[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access

BugTraq Latest Security Advisories - November 30, 2016 - 12:48pm

Posted by security-alert on Nov 30

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05341463

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05341463
Version: 1

HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain
Privileged Access

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-11-23
Last...

[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler

BugTraq Latest Security Advisories - November 30, 2016 - 7:05am

Posted by RedTeam Pentesting GmbH on Nov 30

Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Product: Less Compiler
Affected Versions: probably all versions
Fixed Versions: none
Vulnerability Type: Code Execution
Security Risk: low
Vendor URL:...

Bugtraq: [SECURITY] [DSA 3725-1] icu security update

Security Focus Latest Security Advisories - November 30, 2016 - 5:00am
[SECURITY] [DSA 3725-1] icu security update

Vuln: IBM iNotes and Domino CVE-2016-5880 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
IBM iNotes and Domino CVE-2016-5880 Cross Site Scripting Vulnerability

Vuln: IBM iNotes and Domino CVE-2016-5882 Cross Site Scripting Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
IBM iNotes and Domino CVE-2016-5882 Cross Site Scripting Vulnerability

Vuln: HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability

Vuln: HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
HDF5 CVE-2016-4331 Local Heap Buffer Overflow Vulnerability

Vuln: HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability

Vuln: HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability

Vuln: Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
Apache Subversion CVE-2016-8734 XML External Entity Denial of Service Vulnerability

Vuln: Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
Emerson DeltaV CVE-2016-9345 Local Privilege Escalation Vulnerability

Vuln: Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
Multiple Emerson Products CVE-2016-9347 Security Bypass Vulnerability

Vuln: Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
Emerson Liebert SiteScan CVE-2016-8348 XML External Entity Information Disclosure Vulnerability

Vuln: Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability

Security Focus Latest Security Advisories - November 30, 2016 - 12:00am
Dell iDRAC7 and iDRAC8 Devices CVE-2016-5685 Code Injection Vulnerability

next-20161130: linux-next

Linux Kernel Updates - November 29, 2016 - 11:01pm
Version: next-20161130 (linux-next)
Released: 2016-11-30

3.18.45: longterm

Linux Kernel Updates - November 29, 2016 - 9:16pm
Version: 3.18.45 (longterm)
Released: 2016-11-30
Source: linux-3.18.45.tar.xz
PGP Signature: linux-3.18.45.tar.sign
Patch: patch-3.18.45.xz (Incremental)
ChangeLog: ChangeLog-3.18.45

4.1.36: longterm

Linux Kernel Updates - November 29, 2016 - 11:35am
Version: 4.1.36 (longterm)
Released: 2016-11-29
Source: linux-4.1.36.tar.xz
PGP Signature: linux-4.1.36.tar.sign
Patch: patch-4.1.36.xz (Incremental)
ChangeLog: ChangeLog-4.1.36

3.12.68: longterm

Linux Kernel Updates - November 29, 2016 - 10:56am
Version: 3.12.68 (longterm)
Released: 2016-11-29
Source: linux-3.12.68.tar.xz
PGP Signature: linux-3.12.68.tar.sign
Patch: patch-3.12.68.xz (Incremental)
ChangeLog: ChangeLog-3.12.68

next-20161129: linux-next

Linux Kernel Updates - November 29, 2016 - 12:02am
Version: next-20161129 (linux-next)
Released: 2016-11-29