Pixel / Nexus Security Bulletin—November 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel/Nexus Security Bulletin contains details of security vulnerabilities and functional improvements affecting supported Google Pixel and Nexus devices Google devices. For Google devices, security patch levels of 2017-11-05 or later also address all issues in this bulletin. To learn how to...

Android Security Bulletin—October 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of October 05, 2017 or later address all of these issues. To learn how to check a device's security patch level, see Check & update your Android version. Android partners ar...

Pixel / Nexus Security Bulletin—October 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel/Nexus Security Bulletin contains details of security vulnerabilities and functional improvements affecting supported Google Pixel and Nexus devices Google devices. For Google devices, security patch levels of October 05, 2017 or later address all issues in this bulletin and all issues i...

CVE-2017-9037

Multiple cross-site scripting XSS vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the 1 S44, 2 S5, 3 Sactionfail, 4 Sptnupdate, 5 T113, 6 T114, 7 T115, 8 T117117, 9 T118, 10 Tactionfail, 11 Tptnupdate, 12...

Google Patches 6 Critical Android Mediaserver Bugs in May Security Update

In Brief Google has released its monthly security patches for Android this week, addressing 17 critical vulnerabilities, 6 of which affect Android Mediaserver component that could be used to execute malicious code remotely. Besides patches for Mediaserver, Google also fixed 4 critical...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Windows DCE-RPC MIBEntryGet vulnerability (ErraticGopher)

Added: 04/28/2017 Background Distributed Computing Environment - Remote Procedure Call DCE-RPC is the protocol used by Windows operating systems for calling program functions on remote targets. Problem A memory corruption vulnerability in the DCE-RPC MIBEntryGet call could allow remote attackers ...

Android Security Bulletin—February 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air OTA update. The Google device firmware images have also been released to the Google Developer...

Android Security Bulletin—January 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air OTA update. The Google device firmware images have also been released to the Google Developer...

Fedora 23 : phpMyAdmin (2016-7fc142da66)

phpMyAdmin 4.6.5.1 2016-11-26 =============================== A patch-level release fixing two small issues : - an issue affecting a small number of users using $cfg'Servers'$i'hidedb' or $cfg'Servers'$i'onlydb'. - an issue affecting the create table dialog where the partition selection tool was...

Buffer Overflow in BSD libc Library Patched

The BSD libc library was updated recently to address a buffer overflow vulnerability that could have allowed an attacker to execute arbitrary code. The library is part of the POSIX library, which is used in BSD operating systems, like FreeBSD, NetBSD, OpenBSD. The libc library is also used in...

Fedora 25 : phpMyAdmin (2016-6576a8536b)

phpMyAdmin 4.6.5.1 2016-11-26 =============================== A patch-level release fixing two small issues : - an issue affecting a small number of users using $cfg'Servers'$i'hidedb' or $cfg'Servers'$i'onlydb'. - an issue affecting the create table dialog where the partition selection tool was...

CVE-2016-6195

SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016...

CVE-2016-6195

CVE-2016-6195 affects the vBulletin core ForumRunner addon (versions 3.6.0–4.2.3) via the postids parameter to forumrunner/request.php, enabling remote SQL injection. Root cause: improper handling in ForumRunner leading to arbitrary SQL execution. Impact: potential data exposure and compromise of...

vBulletin 3.6.x to 4.2.2/4.2.3 Forumrunner 'request.php' SQLi Vulnerability - Active Check

The vBulletin core forumrunner addon enabled by default is affected by an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Android Security Bulletin—May 2016Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air OTA update. The Nexus firmware images have also been released to the Google Developer site...

Android Rooting Application Emergency Patch

A rooting application has been found in the wild targeting Nexus mobile devices using a local privilege escalation vulnerability patched two years ago in the Linux kernel that remains unpatched in Android. Researchers at Zimperium, the same company that discovered last summer’s Stagefright flaws...

Nexus Security Bulletin - February 2016Stay organized with collectionsSave and categorize content based on your preferences.

We have released a security update to Nexus devices through an over-the-air OTA update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY49G or later and Android M with Security Patch Level o...

actiTIME 2015.2 - Multiple Vulnerabilities

actiTIME 2015.2 Multiple Vulnerabilities Vendor: Actimind, Inc. Product web page: http://www.actitime.com Affected version: 2015.2 Small Team Edition Summary: actiTIME is a web timesheet software. It allows you to enter time spent on different work assignments, register time offs and sick leaves,...