Adobe Acrobat DC (Continuous Track) Security Updates (APSB18-34) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Multiple Arbitrary Code Execution Vulnerabilities (APSB18-29) - Mac OS X

Adobe Acrobat Reader DC Continuous Track is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Adobe Acrobat Reader DC (Continuous Track) Multiple Arbitrary Code Execution Vulnerabilities (APSB18-29) - Windows

Adobe Acrobat Reader DC Continuous Track is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Adobe Acrobat DC (Continuous Track) Multiple Arbitrary Code Execution Vulnerabilities (APSB18-29) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Adobe Acrobat DC (Continuous Track) Multiple Arbitrary Code Execution Vulnerabilities (APSB18-29) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple arbitrary code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Qualys Cloud Platform 2.34 New Features

This release of the Qualys Cloud Platform version 2.34 includes updates and new features for Cloud Agent, EC2 Connector, Continuous Monitoring, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. Cloud Agent Automatic Merge of Cloud...

BlackHat Week is Coming Up

It’s that time of the year again and our team is packing up to go to Las Vegas. Our theme this year is DevSecOps. As companies are embracing DevOps processes, adopt continuous development and continuous integration and follow the agile methodology, it becomes obvious that the old security model o...

GitLab CE and EE Cross-Site Scripting Vulnerabilities

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A cross-site scriptin...

Imperva to Acquire DevOps Security Leader Prevoty

Today, we announced that we entered into an agreement to acquire Prevoty, an innovator and leader in building application security that can block attacks and monitor interactions inside application stacks using DevOps and agile development. I’m incredibly excited that the Prevoty team will join...

Apache Httpd < 2.4.35 : DoS for HTTP/2 connections by continuous SETTINGS

By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol...

CVE-2016-9484 PHP FormMail Generator generates PHP code for standard web forms, and the code generated does not properly validate user input folder directories and is vulnerable to path traversal

The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. The PHP FormMail Generator website does not use version numbers and is updated continuously. Any P...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Windows

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Mac OS X

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian DSA-4234-1 : lava-server - security update

Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call. C Tenable Network...

[SECURITY] [DSA 4234-1] lava-server security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4234-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4234-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Continuous Data Protection for Files (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects the IBM Tivoli Continuous Data Protection for Files Client. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to gain elevated...

Security Bulletin: A vulnerability in the GSKit component of IBM Tivoli Continuous Data Protection for Files (CVE-2016-0201)

Summary A vulnerability has been addressed in the GSKit component in the underlying Tivoli Storage Manager API included in IBM Tivoli Continous Data Protection for Files. Vulnerability Details CVEID: CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive informatio...