XML External Entity via “.AOP” files used by Moxa MX-AOPC Server 1.5 result in remote file disclosure.
Category Archives: Security
Security
CVE-2017-7643
Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.
CVE-2015-8356
Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php.
Slackware Security Advisory – bind Updates
Slackware Security Advisory – New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
HP Security Bulletin HPESBGN03728 1
HP Security Bulletin HPESBGN03728 1 – Potential security vulnerabilities in OpenSSL have been addressed in HPE Operations Agent. These vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) and/or Unauthorized Access to Data. Revision 1 of this advisory.