[security bulletin] HPSBGN03108 rev.1 - HP Records Manager, Remote Cross-Site Scripting (XSS)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04441391 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04441391 Version: 1 SUPPORT COMMU

[CERT VU#121036 / Multiple CVEs] RCE, domain admin creds leakage and more in BMC Track-It!

Hi, tl;dr - I am releasing two 0 day exploits for BMC Track-It!. One is a RCE and the other gets you the domain admin and SQL database creds. Other minor vulns are also disclosed. Details below. CERT handled the disclosure for these vulnerabilities (see CERT VU#121036) and according to them BMC d

[security bulletin] HPSBMU03118 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 2 HPSBMU03118

Multiple vulnerabilities in DrayTek VigorACS SI

DrayTek VigorACS SI ( <= 1.3.0) Vigor ACS-SI Edition is a Central Management System for DrayTek routers and firewalls, providing System Integrators or system administration personnel a real-time integrated monitoring, configuration and management platform.