QNAP QTS 4.2.x multiple vulnerabilities
===
The latest version of this advisory is available at:
https://sintonen.fi/advisories/qnap-qts-42-multiple-vulnerabilities.txt
Overview
QNAP QTS firmware contains Missing Transport Layer Security (CWE-319),
Im

# Blind Boolean SQL Injection in dotCMS <= 3.6.1 (CVE-2017-5344)
## Product Description
dotCMS is a scalable, Java-based, open source content management system
(CMS) that has been designed to manage and deliver personalized, permission
based content experiences across multiple channels. dotCMS ca

Here are the details of the (patched) IPv4 evasion I found in Suricata IDS/IPS:
# Software
Suricata IDS/IPS
website : https://suricata-ids.org/
editor : Open Information Security Foundation (OISF) https://oisf.net/
# Impacted version
3.2.x before 3.2.13.13
3.1.3 and before
All execution mode ar

X41 D-Sec GmbH Security Advisory: X41-2017-002
Multiple Vulnerabilities in ytnef
=
Overview
Severity Rating: High
Confirmed Affected Versions: 1.9 and earlier
Confirmed Patched Versions: 1.9.1
Vendor: Yeraze
Vendor URL: https://github.com/Yeraze/ytnef
Vec

KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability
Title: Trendmicro InterScan Remote Root Access Vulnerability
Advisory ID: KL-001-2017-003
Publication Date: 2017.02.15
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-003.txt
1. Vulnerability Det

KL-001-2017-002 : Trendmicro InterScan Privilege Escalation Vulnerability
Title: Trendmicro InterScan Privilege Escalation Vulnerability
Advisory ID: KL-001-2017-002
Publication Date: 2017.02.15
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-002.txt
1. Vulnerability

KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write
Title: Trendmicro InterScan Arbitrary File Write
Advisory ID: KL-001-2017-001
Publication Date: 2017.02.15
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-001.txt
1. Vulnerability Details
Affected Vend