[FD] ESA-2017-115: EMC AppSync Host Plug-in Denial of Service Vulnerability

2017-09-26 Thread EMC Product Security Response Center
ESA-2017-115: EMC AppSync Host Plug-in Denial of Service Vulnerability
EMC Identifier: ESA-2017-115
CVE Identifier: CVE-2017-8018
Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected products: EMC AppSyn

[FD] ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account Vulnerability

2017-09-26 Thread EMC Product Security Response Center
ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account Vulnerability
EMC Identifier: ESA-2017-119
CVE Identifier: CVE-2017-8021
Severity Rating: CVSS Base Score: 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H)
Affected products: * EMC Elasti

[FD] CSRF/XSS in Content Audit allowing an unauthenticated attacker to do almost anything an admin can (WordPress plugin)

2017-09-26 Thread dxw Security
Details
Software: Content Audit
Version: 1.9.1
Homepage: https://wordpress.org/plugins/content-audit/
Advisory report: https://security.dxw.com/advisories/csrf-xss-content-audit/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)
Description C

[FD] Qualys Security Advisory - Linux PIE/stack corruption (CVE-2017-1000253)

2017-09-26 Thread Qualys Security Advisory
Qualys Security Advisory
Linux PIE/stack corruption (CVE-2017-1000253)
Contents: Summary, Analysis, Exploitation, Acknowledgments

[FD] Advisory: Git cvsserver OS Command Injection

2017-09-26 Thread joernchen
Hi, see attached advisory. Cheers, joernchen
--
joernchen ~ Phenoelit ~ C776 3F67 7B95 03BF 5344
http://www.phenoelit.de ~ A46A 7199 8B7B 756A F5AC
Phenoelit Advisory
[ Authors ] joernchen Phenoelit Group (http://www.phenoelit.de)
[ Affected Products ] Git