357 matches found
CVE-2017-1522
IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
[SECURITY] Fedora 27 Update: samba-4.7.0-12.fc27
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
[SECURITY] Fedora 26 Update: samba-4.6.8-0.fc26
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
gnutls security, bug fix, and enhancement update
3.3.26-9 - Address crash in OCSP status request extension, by eliminating the unneeded parsing CVE-2017-7507, 1455828 3.3.26-7 - Address interoperability issue with 3.5.x 1388932 - Reject CAs which are both trusted and blacklisted in trust module 1375303 - Added new functions to set issuer and...
Bad Code Library Triggers Devil's Ivy Vulnerability in Millions of IoT Devices
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attackers to remotely gain control over devices or crash them. The vulnerability, dubbed Devil’s Ivy, was identified by researchers at Senrio...
NSA-Backed OpenC2.org Aims to Defend Systems at Machine Speed
NEW YORK–The dynamics of a cyberattack often include speed, automation and adaptive tradecraft. Mounting an effective defense, however, isn’t always fast enough. To help even the score, a group led by the National Security Agency called OpenC2.org is developing an open, standardized computer...
[SECURITY] Fedora 25 Update: samba-4.5.10-0.fc25
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
[SECURITY] Fedora 24 Update: samba-4.4.14-0.fc24
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
CVE-2017-1282
IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124760...
How to use .NET managed DCOM to achieve elevation of privilege - vulnerability warning - the black bar safety net
Vulnerabilities affecting interoperability technology are one of the more interesting classes of security vulnerabilities, because they typically affect any application using the technology, regardless of what the application actually does. Similarly, in many cases...
Exploiting .NET Managed DCOM
Posted by James Forshaw, Project Zero. One of the more interesting classes of security vulnerabilities are those affecting interoperability technology. This is because these vulnerabilities typically affect any application using the technology, regardless of what the application actually does. Als...
[SECURITY] Fedora 24 Update: samba-4.4.13-1.fc24
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
[SECURITY] Fedora 26 Update: samba-4.6.2-0.fc26
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
[SECURITY] Fedora 25 Update: samba-4.5.8-0.fc25
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
OracleVM 3.3 / 3.4 : gnutls (OVMSA-2017-0054)
The remote OracleVM system is missing necessary patches to address critical security updates : - Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes 1326389, 1326073, 1323215, 1320982, 1328205, 1321112 - Modified gnutls-serv to accept --sni-hostname 1333521 - Modified gnutls-serv to always...
[SECURITY] Fedora 24 Update: samba-4.4.9-0.fc24
Samba is the standard Windows interoperability suite of programs for Linux and Unix...
Fedora 25 : mod_cluster (2016-b6866c5c35)
Fixed remote exploits in Apache HTTP Server mod_manager and mod_proxy_cluster modules, fixed performance problems with shared memory, fixed thread pool off-by-one errors, enhanced Tomcat 8 interoperability, fixed mod_proxy integration, added WebSockets proxy layer for mod_cluster. Note that Tenable...
CVE-2016-6430
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.101. Known Fixed...
CVE-2016-6397
A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. Affect...
CVE-2016-6397
Cisco IPICS Universal Media Services (UMS) vulnerable via its interdevice communications interface. Affects Cisco IPICS releases 4.8(1)–4.10(1). The issue allows an unauthenticated, remote attacker to modify UMS configuration parameters and render the system unavailable. Root cause described as i...