Adobe Acrobat and Reader Buffer Errors (APSB18-21: CVE-2018-5037)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe Acrobat and Reader Buffer Errors (APSB18-21: CVE-2018-5034)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
FreeBSD : zziplib - multiple vulnerabilities (7764b219-8148-11e8-aa4d-000e0cd7b374)
NIST reports (by search in the range 2017/01/01 - 2018/07/06): 17 security fixes in this release: - Heap-based buffer overflow in the __zzip_get32 function in fetch.c. - Heap-based buffer overflow in the __zzip_get64 function in fetch.c. - Heap-based buffer overflow in the zzip_mem_entry_extra_block functi...
Threat Outbreak Alert RuleID33133: Email Messages Distributing Malicious Software on July 6, 2018
Medium Alert ID: 58384 First Published: 2018 July 6 15:40 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID33133 may contain the following files: Name | Size...
CentOS 7 : libvirt (CESA-2018:1997) (Spectre)
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
CentOS Update for libvirt CESA-2018:1997 centos7
Check the version of libvirt. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882917");...
libvirt security update
CentOS Errata and Security Advisory CESA-2018:1997. An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Rockwell Automation Allen-Bradley Stratix 5950
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley Stratix 5950 Vulnerabilities: Improper Input Validation, Improper Certificate Validation, Resource Management Errors 2. RISK EVALUATION Successful...
Navigating an Uncharted Future, Bug Bounty Hunters Seek Safe Harbors
When researcher Kevin Finisterre found a security error in drone-maker DJI’s systems enabling him to access flight log data and images of customers, he thought he had hit the $30,000 jackpot as part of the drone company’s newly announced bug bounty program. Instead, when the incident occurred in...
Debian DLA-1406-1 : firefox-esr security update
Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure. For Debian 8 'Jessie', these problems hav...
[SECURITY] [DLA 1406-1] firefox-esr security update
Package : firefox-esr Version : 52.9.0esr-1deb8u1 CVE ID : CVE-2018-5156 CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors...
Important: Red Hat Security Advisory: libvirt security and bug fix update
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
Debian: Security Advisory (DSA-4235-1)
The remote host is missing an update for the Debian. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Vulnerability in the Microsoft Edge and Internet Explorer browsers and the ChakraCore JavaScript engine, caused by errors in handling objects in memory, allowing attackers to execute arbitrary code.
The vulnerability in Microsoft Edge, Internet Explorer, and the ChakraCore JavaScript engine arises from an operation performed outside the bounds of a memory buffer. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
Five easy ways to recognize and dispose of malicious emails
I suppose we all get our share of spam. Some more than others. But how do we differentiate between simple commercial spam and the types of emails that want to get us in trouble? The unsolicited commercial spam email is generally easy to recognize, report, and discard, but what about more dangerou...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple openssl vulnerabilities
Summary Multiple security vulnerabilities have been discovered in openssl that is embedded in the IBM FSM. This fix addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0799 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory...
The vulnerability of the Office Graphics component in the Microsoft Office software suite allows a hacker to execute arbitrary code.
The vulnerability of the Office Graphics component in the Microsoft Office software suite is related to code generation errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted embedded fonts from within the software...
Security Bulletin: Apache Tomcat Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0075,CVE-2014-0095,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119)
Summary Previous releases of IBM UrbanCode Deploy are affected by vulnerabilities in Apache Tomcat that may allow remote attackers to influence the availability of the server or obtain sensitive information. Vulnerability Details | Subscribe to My Notifications to be notified of important product...
Security Bulletin: Multiple vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Multiple vulnerabilities in Firefox affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance (CVE-2015-4495, CVE-2015-0797, and others). Vulnerability Details CVEID: CVE-2015-0797 DESCRIPTION: Mozilla Firefox and Thunderbird are vulnerable to a buffer overflow, caused by...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM MessageSight (CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by IBM MessageSight. IBM MessageSight has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-1789 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an...