Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
de476f7d369b16edb237506430b1a189fa7102ba1f02365997d72587783506c3
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Directory Integrator, which can be exploited by malicious people to cause a DoS (Denial of Service).
564fe0fa8884922975dfcacb1158acc7d99addeef19447001188ea5a76b276b6
Secunia Security Advisory - Rapid7 has reported two vulnerabilities in Portable UPnP SDK, which can be exploited by malicious people to compromise an application using the library.
60b12f77e6a02e68eac2bc58f4a3d6ae3a3fcb9079974300c0a08fbf73f18d13
Red Hat Security Advisory 2013-0202-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.
677405cc6f27592547c54fbd53303da5f833360860544cfa0aad5d9de7076d40
Red Hat Security Advisory 2013-0201-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.
7085d262054b23233cc05f55745aba2be87d32348b742f0737def218a860a95f
Red Hat Security Advisory 2013-0199-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in the way libvirtd handled connection cleanup under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user.
9b0926897ef2c7c11cb24ab1e055d63e9d0b4aadfbd76cf8b9d00499296212ff
Ubuntu Security Notice 1707-1 - Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.
2a67a8edbc2942f40a6dcc4eeb9ad04e3853fe87333ab4951b991ce2693bdb61
Ubuntu Security Notice 1705-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
4885c6e712460bcef65d5c15506b834d318ec8d4e98ea5c8a29dbac7b3d7f433
Ubuntu Security Notice 1706-1 - It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
9fe873a5ded247a9a0c01b7c9af80f73385c2e84994963b98a0704bb73eaa47f
Mandriva Linux Security Advisory 2013-005 - Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via the x string repeat operator. The updated packages have been patched to correct this issue.
a30259c8c48c9d4f240f41c98a0bacfa483a7a6f42946a30309aa57aa4c6b8ec
Secunia Security Advisory - A security issue has been reported in some Hitachi Cosminexus products, which can be exploited by malicious users to bypass certain security restrictions.
f7f63c30907d30119a975529a141772b6a6dabdc64c7b35fae221d64bafb0133
Secunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported in FFmpeg.
369e656326f644487f0a3ef70b3553bcc55c64ae2b38da43232ceb1bd7ac5f7a
Secunia Security Advisory - SUSE has issued an update for java-1_7_0-openjdk. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4d4c484b763f9ab92e1f8e0f3ff1dd1906cb38fec839fe15818c7688b4c22b65
Secunia Security Advisory - A vulnerability has been discovered in Elgg, which can be exploited by malicious users to conduct script insertion attacks.
2be2a4f3e6daa87dea4d22e1baa1a95641dec8655ca9fe2581362ca2bc4659b9
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in ImageCMS, which can be exploited by malicious users to conduct SQL injection attacks.
53b5e572c41f0b17636515e742b358d2aefa3d0194d9119ba4deb02286d6d7a7
Secunia Security Advisory - A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious users to cause a DoS (Denial of Service).
da5276f8fb24a2bedf49c85d103f6ec22ef66af532912b0c5bedd73760385bfe
Secunia Security Advisory - Two vulnerabilities have been reported in Cisco WebEx Social, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.
c019a4aa8266a3d87826bf3a8b7d1c26703fae12625c942990be6d5a2c1e35c3
Secunia Security Advisory - A vulnerability has been reported in Cisco Unified Communications Domain Manager (CUCDM), which can be exploited by malicious people to conduct cross-site scripting attacks.
83fc431d44bd356bebf66fc24bdc9d2256918fbdd14e98ddb5a1d80b4c602cf2
Secunia Security Advisory - Multiple vulnerabilities have been discovered in Perforce Web Client (P4Web), which can be exploited by malicious people to conduct cross-site scripting attacks.
b96cbbd3af664534d7a0b2d63a65dc2935d7e4713445cd1714b82a28376c21e5
Security Explorations explains how Oracle's Java security enhancements have failed to mitigate silent exploits.
2b66efc1c4e7c9fd15103824bba32feb11a12eafebd5e01dd6368fdffd26c398
Secunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
9c6556bca23c048f0b21f2cc4a53b48db77f739dc15c918270eb7bb250f3f08c
Secunia Security Advisory - Debian has issued an update for ircd-ratbox. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
d80e0dc410274fc7b4291c8e4be8fc461ccb0a1e008c629c3991c1582b380fdb
Secunia Security Advisory - Multiple vulnerabilities have been reported in WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks and disclose sensitive data.
18e0bf4a9e6d6ca0bc10d1b6994e5f0ffa380335b0cbcd3bf6cdd04bc44df398
Secunia Security Advisory - Compass Security has discovered two vulnerabilities in iTop, which can be exploited by malicious people to conduct cross-site scripting attacks.
7baa54ea2cac302e37fe766ca2d24c6a34715dafd889ed0c3a03fecaac3b94a3
Secunia Security Advisory - IBM has acknowledged two vulnerabilities in IBM InfoSphere BigInsights, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service).
b520cd41aae56b88bb5e74afe15043e674f77660f2b56752a5414e88d2969863