Bugtraq: by date

56 messages starting Dec 01 16 and ending Dec 28 16


Thursday, 01 December

[slackware-security] mozilla-firefox (SSA:2016-336-01) Slackware Security Team

Monday, 05 December

Microsoft Windows Media Center "ehshell.exe" XML External Entity apparitionsec
Microsoft MSINFO32.EXE ".NFO" Files XML External Entity apparitionsec
CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used Eissing Stefan

Tuesday, 06 December

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption Berend-Jan Wever
CVE-2015-1730: MSIE jscript9 JavaScriptStackWalker memory corruption details and PoC Berend-Jan Wever

Wednesday, 07 December

[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security ESNC Security
Microsoft Remote Desktop Client for Mac Remote Code Execution Filippo Cavallarin
[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information security-alert

Thursday, 08 December

CVE-2013-1306: MSIE 9 MSHTML CDispNode::InsertSiblingNode use-after-free details Berend-Jan Wever
AST-2016-008: Crash on SDP offer or answer from endpoint using Opus Asterisk Security Team
AST-2016-009: <br> Asterisk Security Team
Symantec VIP Access Desktop Arbitrary DLL Execution apparitionsec

Friday, 09 December

MSIE 9 MSHTML CElement::HasFlag memory corruption Berend-Jan Wever

Monday, 12 December

[SECURITY] [DSA 3730-1] icedove security update Salvatore Bonaccorso
[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure Mark Thomas
APPLE-SA-2016-12-12-1 iOS 10.2 Apple Product Security
APPLE-SA-2016-12-12-3 tvOS 10.1 Apple Product Security
APPLE-SA-2016-12-12-2 watchOS 3.1.1 Apple Product Security

Tuesday, 13 December

Apple iOS/tvOS/watchOS Remote memory corruption through certificate submit
[slackware-security] php (SSA:2016-347-03) Slackware Security Team
[slackware-security] kernel (SSA:2016-347-01) Slackware Security Team
APPLE-SA-2016-12-13-3 iTunes 12.5.4 Apple Product Security

Wednesday, 14 December

APPLE-SA-2016-12-13-2 Safari 10.0.2 Apple Product Security
APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 Apple Product Security
APPLE-SA-2016-12-13-8 Transporter 1.9.2 Apple Product Security
APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 Apple Product Security
MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free Berend-Jan Wever
[slackware-security] mozilla-firefox (SSA:2016-348-01) Slackware Security Team
CVE-2013-3143: MSIE 9 IEFRAME CMarkup..RemovePointerPos use-after-free Berend-Jan Wever
Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability Secunia Research
Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability hyp3rlinx

Thursday, 15 December

Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] Dawid Golunski
MSIE 9 IEFRAME CMarkupPointer::MoveToGap use-after-free Berend-Jan Wever

Friday, 16 December

CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free Berend-Jan Wever
CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom unlimitsec
[SECURITY] [DSA 3736-1] libupnp security update Sebastien Delafond
[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities security-alert

Monday, 19 December

Samsung DVR credentials encoded in base64 in cookie header Jacobo Avariento
[SECURITY] [DSA 3738-1] tomcat7 security update Sebastien Delafond
[SYSS-2016-115] Cisco Expressway: Security Bypass Vulnerability (CWE-20) Micha Borrmann

Tuesday, 20 December

CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free Berend-Jan Wever

Wednesday, 21 December

[SECURITY] [DSA 3743-1] python-bottle security update Sebastien Delafond
ASP.NET Core 5-RC1 HTTP Header Injection Advisories
[SECURITY] [DSA 3732-2] php-ssh2 regression update Sebastien Delafond

Thursday, 22 December

CVE-2014-4138: MSIE 11 MSHTML CPasteCommand::ConvertBitmaptoPng heap-based buffer overflow Berend-Jan Wever
FreeBSD Security Advisory FreeBSD-SA-16:39.ntp FreeBSD Security Advisories

Friday, 23 December

[SECURITY] [DSA 3744-1] libxml2 security update Salvatore Bonaccorso

Sunday, 25 December

XAMPP Control Panel Memory Corruption Denial Of Service HYP3RLINX
[slackware-security] httpd (SSA:2016-358-01) Slackware Security Team
[slackware-security] openssh (SSA:2016-358-02) Slackware Security Team
[slackware-security] expat (SSA:2016-359-01) Slackware Security Team
[SECURITY] [DSA 3746-1] graphicsmagick security update Luciano Bello

Tuesday, 27 December

PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] Dawid Golunski
PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) Dawid Golunski

Wednesday, 28 December

[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage Oleksandr Rudyy