SGMiner versions prior to 4.2.2, CGMiner versions prior to 4.3.5, and BFGMiner versions prior to 3.3.0 suffer from a heap overflow vulnerability.
09fe64a809470500313051676e9ad8121a80b770f8f0e2a32fe86b855437d207
Red Hat Security Advisory 2014-0908-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
ffbd23e1ffa92495eb815c4ce9fe146ac8dbf2ad7faab7a36f44fbff8b6e6656
Red Hat Security Advisory 2014-0907-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine.
5d4dc327b258590b3b361bd36345fb85de08449993e8a79dc78af5a20677802d
Red Hat Security Advisory 2014-0910-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.2.2 release serves as a replacement for JBoss Operations Network 3.2.1, and includes several bug fixes.
7af56d5dc9c292b2a0044d35f62a3d98324ab1a497e7002967f712beb2148fa0
Ubuntu Security Notice 2293-1 - Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.
d0afde3f652695a582f8f83010eff7e3e04b687512bd57083978cd1bcf5e8994
Debian Linux Security Advisory 2983-1 - Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting.
938dadbb8de11e8c9f694b1d0aa220d43066d093cbf3007b9fcf5251f03c8315
Debian Linux Security Advisory 2982-1 - Sean Griffin discovered two vulnerabilities in the PostgreSQL adapter for Active Record which could lead to SQL injection.
331d4543cf61c142535437ee8da640bf5b3deac8ea9130d339f2b0c9876eec7b
Elasticsearch Logstash versions 1.0.14 through 1.4.1 suffer from a remote command execution vulnerability.
af4c8c7dd3bc0722d099ec0c672298ee3ab08240c306a42f89bf7e33cf00c9e4
Debian Linux Security Advisory 2981-1 - A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients.
70a09661641d33d05f9797403b7e62219e47c569aa44ffbd36977b7ab966a7af
Red Hat Security Advisory 2014-0902-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
4ace546ea206559cc98cd2aef0db993b4b386dbd1e5f16172795f73b65d03186
Debian Linux Security Advisory 2980-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
08187320a4ba1735bf8be560260f5b3d0985e9194e9446e35aa071a22aca02b2
Debian Linux Security Advisory 2979-1 - Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.
663686ca280e9f3c71e71611cc65c7317ff186652c7a041a969f80c3fe0d6f6f
EMC RecoverPoint Appliance (RPA) version 4.1 has the internal firewall disabled by default.
d477db475619a9a78485c60133655670df67bddd853ead619c333f71fc7eca27
Cisco Security Advisory - A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.
6968ff4fbb937eaac9473bb098851f61c4f66b3058d93aeac5e38d2623713836
Ubuntu Security Notice 2290-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
d08146b9fea95b5609bae004d574e7ab893d68c13196106b2acc630dcddde5be
Ubuntu Security Notice 2288-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
762c3e6b6422023b0cf7a2e4570f032da29fd554adfd4933d7c81ac2791e2d59
Ubuntu Security Notice 2287-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
94ee00bc3e51eee0cab2b52407443420b1915d25bdf54bb8483c9baf7e584422
Ubuntu Security Notice 2286-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
a5ef90e192f25e88bdc05dfdee78ce4c2c01c37086253de1e44f5916378ea6d5
Ubuntu Security Notice 2285-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
53e0798c2145b912fe223a7d42f93aed871de378ec27bac50506de03da6f050f
Ubuntu Security Notice 2284-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
65de288e89273b4a19a71abb156d0c8a5e22311920ee9d2e00adb2f15336ac60
Ubuntu Security Notice 2283-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
51f7353dddebbf98d96c1d6defd1a3d69f1782559d7243fa23fd748f4b653195
Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.
04124159814afda52855f16ba5f872746057725d6ed57e3e9e8e74d49f9a14f0
Red Hat Security Advisory 2014-0900-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free arbitrary kernel memory.
93d4f43f287c1cf23493c2e022072560eb159a8f9435a1c0e2e7ec757823346e
Ubuntu Security Notice 2291-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
723e8cb6fd677790ef2622722d59af916bd5e27e09651422f5ca6aaa4e08b132
Ubuntu Security Notice 2282-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.
7576ac5f9418fb22970fae92bda3060de5c7f880fb96a5b9f8bf23edeaa5a089