*Universal multifunctional Electric Power Quality Meter BINOM3 - Multiple
Vulnerabilities*
*About*
The meters are designed for autonomous operation in automated systems:
• SCADA systems
• Data aquisition and transmission systems
• Automated data and measurement systems for revenue and technical
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:Oxwall 1.8.0 (build 9900)
Fixed in:1.8.2
Fixed Version Link: https://developers.oxwall.com/download
Vendor Website: http://www.oxwall.org/
Vulnerability Type: XSS & Open Redirect
Remote Exploitable:
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:MyBB 1.8.6
Fixed in:1.8.7
Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip
Vendor Website: http://www.mybb.com/
Vulnerability Type: Improper validation of data passed to eval
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:MyBB 1.8.6
Fixed in:1.8.7
Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip
Vendor Website: http://www.mybb.com/
Vulnerability Type: SQL Injection
Remote Exploitable: Yes
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:MyBB 1.8.6
Fixed in:not fixed
Fixed Version Link: n/a
Vendor Website: http://www.mybb.com/
Vulnerability Type: CSRF, Weak Hashing, Plaintext Passwords
Remote Exploitable: Yes
Reported to vendor:
Original at:
https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/
Summary
Android applications developed with Adobe AIR send data back to Adobe
servers without HTTPS while running. This can
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:Kajona 4.7
Fixed in:5.0
Fixed Version Link: https://www.kajona.de/en/Downloads/
downloads.get_kajona.html
Vendor Website: https://www.kajona.de/
Vulnerability Type: XSS &
Security Advisory - Curesec Research Team
1. Introduction
Affected Product:Peel Shopping 8.0.2
Fixed in:8.0.3
Fixed Version Link: www.peel-shopping.com
Vendor Website: www.peel-shopping.com
Vulnerability Type: Object Injection
Remote Exploitable: Yes
Reported to vendor:
Hello list!
There are multiple vulnerabilities in ASUS Wireless Router RT-N10. There are
Code Execution, Cross-Site Scripting and URL Redirector Abuse
vulnerabilities.
-
Affected products:
-
Vulnerable are the next models: ASUS RT-N10, RT-N10E,
Greetings,
(cc: Thanh Nguyen, VNSecurity)
We are excited to release Keypatch 2.0, a better assembler for IDA Pro!
This new version of Keypatch brings some important features, as follows.
- Fix some issues with ARM architecture (including Thumb mode)
- Better support for Python 2.6 & older IDA
Either Samsung reads this list or they just have great timing. Just shy of
three weeks later they responded asking for more information. Hope they
close it soon.
On Mon, Sep 12, 2016 at 8:01 PM, Justa Person wrote:
> Sure..Was having one heck of a time figuring out the
# Security Advisory -- Multiple Vulnerabilities - MuM Map Edit
## Product
Vendor: Mensch und Maschine Software SE / Mensch und Maschine acadGraph GmbH
Product: MapEdit
Affected software version: 3.2.6.0
MuM MapEdit provides geodata to the internet and intranets and is deployed on
several
Sure..Was having one heck of a time figuring out the proper number to enter
into the web form for my own repair and got to thinking about how terrible
it seemed to disclose all that info based on just a ticket number and
telephone number..And that I had tried a LOT of combinations from the info
You wish to give anymore info on how u came cross this? Please.
Ta
On 12 Sep 2016 17:45, "Justa Person" wrote:
> Samsung has zero interest in fixing this and I'm tired of trying to report
> it to them. Enjoy.
>
> http://pastebin.com/cKu2WDGV
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-14-1 iOS 10.0.1
iOS 10.0.1 is now available and addresses the following:
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: An application may be able to disclose
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-13-2 Xcode 8
Xcode 8 is now available and addresses the following:
otool
Available for: OS X El Capitan 10.11.5 and later
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-13-3 watchOS 3
watchOS 3 is now available and addresses the following:
GeoServices
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermès
Impact: An application may be able to read sensitive
17 matches
Mail list logo