Novel Contributions to the field - How I broke MySQL's code-base (Part 2) [CVE-2016-5541] MySQL cluster remote 0day

* * * Copyright (c) 2017, Advanced Information Security Corp / Oracle Inc.* * * *

Novel Contributions to the Field - How I broke MySQL's codebase (Part 2) [CVE-2016-5541] MySQL Cluster 0day

** (c) 2017 Advanced Information Security Corporation and Oracle Inc. ** Author: Nicholas Lemonias Date: 17/01/2017 MySQL Remote 0day / Remote Buffer Overflows in 'NDBAPI' Cluster Full

[RCESEC-2016-012] Mattermost <= 3.5.1 "/error" Unauthenticated Reflected Cross-Site Scripting / Content Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION === Product:Mattermost Vendor URL: www.mattermost.org Type: Cross-site Scripting [CWE-79] Date found: 02/12/2016 Date published: 16/01/2017 CVSSv3 Score: 4.7

[security bulletin] HPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple Remote Vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05376917 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05376917 Version: 1 HPSBMU03685 rev.1 - HPE

ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability

BEGIN PGP SIGNED MESSAGE- Hash: SHA256 ESA-2016-161: EMC Isilon OneFS LDAP Injection Vulnerability EMC Identifier: ESA-2016-161 CVE Identifier: CVE-2016-9870 Severity Rating: CVSS v3 Base Score: 6.0 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N) Affected products: • EMC Isilon

ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 ESA-2016-143: EMC Documentum Webtop and Clients Stored Cross-Site Scripting Vulnerability EMC Identifier: ESA-2016-143 CVE Identifier: CVE-2016-8213 Severity Rating: CVSS v3 Base Score: 6.5 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) Affected