CVE-2017-18655

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 August 2017...

EUVD-2017-9747

Malware in sbrugna...

CVE-2017-18658

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18657

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...

Code injection

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

CVE-2017-18656

CVE-2017-18656 describes a buffer over-read in a trustlet on Samsung mobile devices running M(6.0) and N(7.x). Affected component is the trustlet; root cause is a buffer over-read. The issue has been reported across multiple sources (NVD, Red Hat CVE page, CVE records) with the Samsung ID SVE-201...

CVE-2017-12714

Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS...

libzypp RPM Package Injection Vulnerability

libzypp also known as ZYPP is the U.S. Novell-sponsored open source set of manageable engines, drivers eg: Linux applications YaST, Zypper tools. A security vulnerability exists in versions of libzypp prior to 20170803. An attacker can exploit this vulnerability by retrieving unsigned packages to...

CVE-2017-10860

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 JST allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...

CVE-2017-10859

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 JST allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

August 2017 Preview of the Quality Rollups for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for Windows Server 2012: August 15, 2017

August 2017 Preview of the Quality Rollups for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for Windows Server 2012: August 15, 2017 View products that this article applies to. Summary This article lists the Quality Rollups for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and...

August 2017 Preview of the Quality Rollups for the .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1 and Windows Server 2008 R2 SP1: August 15, 2017

August 2017 Preview of the Quality Rollups for the .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1 and Windows Server 2008 R2 SP1: August 15, 2017 View products that this article applies to. Summary This article lists the Quality Rollups for the .NET Framework 3.5.1,...

CVE-2017-12717

An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.220170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker to execute code within the context of the application...

addoil.com XSS vulnerability

Vulnerable URL: http://www.addoil.com/search/%22%3E%3Csvg%20onload=alert%22OPENBUGBOUNTY%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 167753 VIP website status:| No...

sk.fashionnetwork.com XSS vulnerability

Vulnerable URL: http://sk.fashionnetwork.com/search/?p0=rootbyte Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated...

datasheetcatalog.biz Open Redirect vulnerability

Vulnerable URL: http://datasheetcatalog.biz/url.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.11.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 916458 VIP website status:| No Coordinated...

wickedlocal.com XSS vulnerability

Open Bug Bounty ID: OBB-283536 Description| Value ---|--- Affected Website:| wickedlocal.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

infa-education.ru Open Redirect vulnerability

Vulnerable URL: https://infa-education.ru/redirect.php?site=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.11.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 6295394 VIP website status:| No...

tudocelular.com XSS vulnerability

Vulnerable URL: https://www.tudocelular.com/newfiles/adserver/adsensepanorama.php?adslot=%22%3E%3Csvg/onload=alert%27OPENBUGBOUNTY%27%3E// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 24.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

CVE-2017-6996

creationtimestamp| type| source ---|---|--- 2017-08-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42555...