>> ARCHIVE: 2017-07

LibTIFF versions 4.0.8 and below suffer from a denial of service vulnerability in tif_jbig.c.

LibTIFF version 4.0.7 suffers from a _TIFFVGetField (tiffsplit) out-of-bounds read vulnerability.

Firmware reversing of the Barracuda Web Application Firewall uncovered debug features that should have been removed on the production images. Appending a debugging statement onto a grub configuration line leads…

Firmware reversing of the Barracuda Web Application Firewall uncovered development artifacts that should have been removed on the production images. Once the encryption scheme was broken, many QA and development…

The grub password for all Barracuda WAF V360 virtual appliances is four characters in length and, as a result, may be trivially easy to crack. Firmware version 8.0.1.014 is affected.

The Barracuda WAF management application transmits the current user and session identifier over HTTP GET. Firmware version 8.0.1.014 is affected.

Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability.

Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has hard-coded credentials.

An independent vulnerability laboratory researcher discovered a client-side cross site request forgery vulnerability in …

Yaws server version2.0 suffers from multiple cross site scripting vulnerabilities.