[FD] APPLE-SA-2017-07-19-1 iOS 10.3.3

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-1 iOS 10.3.3 iOS 10.3.3 is now available and addresses the following: Contacts Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexp

[FD] APPLE-SA-2017-07-19-2 macOS 10.12.6

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memo

[FD] APPLE-SA-2017-07-19-3 watchOS 3.2.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-3 watchOS 3.2.2 watchOS 3.2.2 is now available and addresses the following: Contacts Available for: All Apple Watch models Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code exec

[FD] APPLE-SA-2017-07-19-4 tvOS 10.2.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-4 tvOS 10.2.2 tvOS 10.2.2 is now available and addresses the following: Contacts Available for: Apple TV (4th generation) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execu

[FD] APPLE-SA-2017-07-19-5 Safari 10.1.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-5 Safari 10.1.2 Safari 10.1.2 is now available and addresses the following: Safari Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.6 Impact: Processing maliciously crafted web content may l

[FD] APPLE-SA-2017-07-19-6 iTunes 12.6.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-6 iTunes 12.6.2 iTunes 12.6.2 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: An access is

[FD] APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2 iCloud for Windows 6.2.2 is now available and addresses the following: libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user info

[FD] Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft)

1. ADVISORY INFORMATION Title: Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft) Advisory ID: [ERPSCAN-17-037] Advisory URL: https://erpscan.com/advisories/erpscan-17-037-multiple-xss-vulnerabilities-testservlet-peoplesoft/ Risk: Medium Date published: 18.07.2017 Vendor cont

[FD] Directory Traversal vulnerability in Integration Gateway (PSIGW)

1. ADVISORY INFORMATION Title: Directory Traversal vulnerability in Integration Gateway (PSIGW) Advisory ID: [ERPSCAN-17-038] Advisory URL: https://erpscan.com/advisories/erpscan-17-038-directory-traversal-vulnerability-integration-gateway-psigw/ Risk: High Date published: 18.07.2017 Vendor conta

[FD] File Upload in Integration Gateway (PSIGW)

1. ADVISORY INFORMATION Title: File Upload in Integration Gateway (PSIGW) Advisory ID: [ERPSCAN-17-039] Advisory URL: https://erpscan.com/advisories/erpscan-17-039-file-upload-integration-gateway-psigw-peoplesoft/ Risk: High Date published: 18.07.2017 Vendor contacted: Oracle 2. VULNERABILITY IN

[FD] Google’s Android News and Weather App Doesn’t Always Use SSL [CVE-2017-9245]

[Blog post here: https://wwws.nightwatchcybersecurity.com/2017/07/18/advisory-googles-android-news-and-weather-app-doesnt-always-use-ssl-cve-2017-9245/] SUMMARY Google News and Weather Application for Android does not use SSL for some server calls, exposing authentication tokens (OAuth) to anyone