Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions in an application using the library.
Secunia Security Advisory - A weakness has been reported in the Secure Login module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in multiple Sybase products.
Secunia Security Advisory - A vulnerability has been reported in the Authen::ExternalAuth extension for RT, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Some vulnerabilities have been reported in the RTFM extension for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in the Extension::MobileUI for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
Red Hat Security Advisory 2012-1114-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
Ubuntu Security Notice 1517-1 - It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. It was discovered that the Mono System.Web library incorrectly handled the EnableViewStateMac property. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
Red Hat Security Advisory 2012-1116-01 - Perl DBI is a database access Application Programming Interface for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect.
Ubuntu Security Notice 1516-1 - It was discovered that OpenSSL incorrectly handled the SSL_OP_ALL setting. This resulted in TLS 1.1 and TLS 1.2 being inadvertently disabled for certain server and client applications.
HP Security Bulletin HPSBUX02789 SSRT100824 3 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or elevate privileges. Revision 3 of this advisory.
Apple Security Advisory 2012-07-25-1 - A cross-site scripting issue existed in the handling of feed:// URLs in Safari. An autocomplete flaw was also fixed in Safari. Various other Safari issues have also been addressed. Code execution, cross-origin, access control, and various other vulnerabilities in WebKit were addressed.
Mandriva Linux Security Advisory 2012-111 - It was found that libgdata, a GLib-based library for accessing online service APIs using the GData protocol, previously did not perform SSL certificate validation, even for secured connections. An application linked against the libgdata library, and trusting that the other side of the connection is the valid owner of the certificate, could be tricked into accepting a spoofed SSL certificate. The updated packages have been patched to correct this issue.
Drupal Subuser third party module version 6.x suffers from access bypass and cross-site request forgery vulnerabilities.
Drupal Location third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
Slackware Security Advisory - New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
Drupal Secure Login third party module version 7.x suffers from an open redirect vulnerability.
Drupal Gallery Formatter third party module version 7.x suffers from a cross-site scripting vulnerability.
Secunia Security Advisory - Two vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious users to bypass certain restrictions.
Secunia Security Advisory - A vulnerability has been reported in Blackboard Learn, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft SharePoint Server and FAST Search Server 2010 for SharePoint, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in SquidClamav, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Charlie Eriksen has discovered a security issue in the GD Star Rating plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions.