38 matches found
EUVD-2018-6459
Malware in sbrugna...
Security Bulletin: Security Vulnerability in IBM Java SDK for Quarterly CPU - April 2017 affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software (CVE-2017-3511)
Summary Security vulnerability in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Software Architect and Rational Software Architect for WebSphere Software. CVE-2017-3511 was disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability...
Code injection
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...
CVE-2017-18676
An issue was discovered on Samsung mobile devices with N7.0 Qualcomm chipsets software. There is an RKP kernel protection bypass in which unwanted memory mappings may occur because of a lack of MSR trapping. The Samsung ID is SVE-2016-7901 April 2017...
CVE-2017-18679
CVE-2017-18679 affects Samsung mobile devices running Android M (6.0). The issue arises from SLocation triggering a system crash when calling an API that is not implemented. The vulnerability impact is a denial of service via a crash, with an Availability impact of HIGH per CVSS 3.1 metrics, and ...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Insight.
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Insight. These issues were disclosed as part of the IBM Java SDK updates in April 2017 and July 2017. Vulnerability Details CVEID: CVE-2017-3511 DESCRIPTION: An unspecified vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Fabric Manager
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Fabric Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability Details Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect API Connect
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM API Connect. These issues were disclosed as part of the IBM Java SDK updates in January 2017 and April 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified vulnerability related to the...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server April 2017 CPU that is bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud.
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in April 2017. Vulnerability Details For information on the IBM Java SDK that is now bundled with...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects WebSphere Application Server April 2017 CPU
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in April 2017. These may affect some configurations of IBM WebSphere Application Server...
Security Updates for Internet Explorer (April 2017)
The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a...
17-years-old kid hacks US air force for the good
By Uzair Amir In April 2017, it was reported that the US Department of Defence This is a post from HackRead.com Read the original post: 17-years-old kid hacks US air force for the good...
InsomniaX 2.1.8 Arbitrary Kernel Extension Loading Vulnerability
It was found that the loader application bundled with InsomniaX can be used to load arbitrary Kernel Extensions kext. The loader is normally used to load a kext file that is needed to disable the Lid Sleep. A flaw has been found in the loader that allows a local attacker to load or unload any...
CVE-2017-8291
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...
gcmutualbank.com.au XSS vulnerability
Vulnerable URL: http://www.gcmutualbank.com.au/uploads/annual-report/2015/bookContent.swf?currentHTMLURL=data:text/html;base64,PHNjcmlwdD5hbGVydCgnT1BFTiBCVUdCT1VOVFknKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS...
beautyshop.fr XSS vulnerability
Vulnerable URL: https://www.beautyshop.fr//"--!" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 592771 VIP website status:| No Check beautyshop.fr SSL connection:| Grade: A...
chepstowbeacon.co.uk XSS vulnerability
Vulnerable URL: http://www.chepstowbeacon.co.uk/search.cfm?sectionIs=search=LocalNews=2011="--!"= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 5031297 VIP website status:| No...
zoomed.com XSS vulnerability
Vulnerable URL: http://www.zoomed.com/db/products/Search.php?DatabaseID=2=aviansun=3KNOXSS Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 498054 VIP website status:| No Check...
kitbag.com XSS vulnerability
Vulnerable URL: http://www.kitbag.com/stores/kitbag/en/help?hpg=placingyourorder"-confirmOPENBUGBOUNTY-" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 95716 VIP website status:| N...
Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (April 2017 CPU) (SWEET32)
The version of Oracle Enterprise Manager Grid Control installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in the OpenSSL component in s3srvr.c, sslsess.c, and t1lib.c due to improper use of...