Security Advisories & Alerts


Microsoft Exchange Server CVE-2017-8621 Open Redirection Vulnerability

Description: An open redirect vulnerability exists in Microsoft Exchange that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. When an authenticated Exchange user clicks the link, the authenticated user’s browser...

Read more


Microsoft Exchange Server CVE-2017-8560 Remote Privilege Escalation Vulnerability

Description: Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka “Microsoft Exchange Cross-Site Scripting Vulnerability”. This CVE ID is unique from...

Read more


Microsoft Exchange CVE-2017-8559 Cross-Site Scripting Vulnerability

Description: An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information. Impact:  Attackers can exploit this issue to gain...

Read more


Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability

Description: Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Impact: Attackers can exploit this issue to obtain sensitive information or may crash the application resulting in...

Read more


Oracle July 2017 Critical Patch Update Multiple Vulnerabilities

Description: Oracle has released advance notification regarding the July 2017 Critical Patch Update (CPU) to be released on July 18, 2017. The update addresses 315 vulnerabilities affecting the following software:     Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1     Oracle REST Data Services, versions prior to 3.0.10.25.02.36     Oracle API...

Read more


Microsoft Wordpad CVE-2017-8588 Remote Code Execution Vulnerability

Description: Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files,...

Read more


Page 22 of 30« First...10...2021222324...30...Last »