EUVD-2017-9752

Malware in sbrugna...

CVE-2017-11179

FineCMS through 2017-07-11 has stored XSS in route=admin when modifying user information, and in route=register when registering a user account...

Oracle Siebel CRM 16.x < 16.16 (July 2017 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2017 CPU advisory. - Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 16.0 and 17.0. Easily...

CVE-2017-18661

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is a buffer overflow in processciphertdea. The Samsung ID is SVE-2017-8973 July 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2017-18660

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is a buffer overflow in tlcserver. The Samsung ID is SVE-2017-8888 July 2017...

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 July 2017...

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 July 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Insight.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Insight. These issues were disclosed as part of the IBM Java SDK updates in April 2017 and July 2017. Vulnerability Details CVEID: CVE-2017-3511 DESCRIPTION: An unspecified vulnerability...

Symfony Authentication Bypass Vulnerability (Jul 2017)

Symfony is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sensiolabs:symfony"; ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director.

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM Systems Director. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details CVEID: CVE-2017-10115 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM B2B Advanced Communications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 9 Fix Pack 60 that is used by IBM B2B Advanced Communications. This issue was disclosed as part of the IBM Java SDK updates in July 2017 Vulnerability Details CVEID: CVE-2017-10115...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime IBM affect IBM Decision Optimization Center and IBM ILOG ODM Enterprise

Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 6 and 7 used by IBM Decision Optimization Center. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Vulnerability Details If you run your own Java code using the IB...

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager (BPM), WebSphere Process Server (WPS), WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition (WLE) (Java CPU July 2017)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager, WebSphere Process Server, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. WebSphere Application Server Liberty is shipped as a component of the optional BPM component Process Federati...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2017 Critical Patch Update, plus one additional vulnerability. Vulnerability Details CVE IDs: CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101 CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087 CVE-2017-10102 CVE-2017-10116...

AIX Java Advisory : java_july2017_advisory.asc (July 2017 CPU)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following subcomponents : - A flaw exists in the J9 VM class verifier component that allows an unauthenticated, remote attacker to cause an escalation of privileges. CVE-2017-1376 - A flaw exis...

Fuji Xerox DocuWorks and DocuWorks Viewer Light Untrusted Search Path Vulnerability

Fuji Xerox DocuWorks and DocuWorks Viewer Light are both products of Fuji Xerox Japan.DocuWorks is a document management solution.DocuWorks Viewer Light is a document reader. An untrusted search path vulnerability exists in Fuji Xerox DocuWorks versions 8.0.7 and earlier and DocuWorks Viewer Ligh...

emailmg.startlogic.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-272023 Description| Value ---|--- Affected Website:| emailmg.startlogic.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

WordPress Logosware Suite Uploader 1.1.6 Plugin Remote File Upload Vulnerability

Exploit for php platform in category web applications - Title : WordPress Plugin Logosware Suite Uploader 1.1.6 - Remote File Upload - Author : Shahab Shamsi - Vendor : https://wordpress.org/plugins/logosware-suite-uploader/ - Category : Webapps - Date : 30.July.2017 Vulnerable Source: 176:...