Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
39eaa71765d33198222497e34aab245d65b3b844120d11bec809f454b85721ad
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
39a7d6859bf4bd9ac56fd83a5e32d47d1b24ba06f912a027804492ca941936dd
WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.
de830eed195cbfc1599a0dbca00d8fe76804c6bb2f451f88dcf2319725caba6a
HP Security Bulletin HPSBUX02825 SSRT100974 - A potential security vulnerability has been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. This could allow remote unspecified indirect vulnerabilities. Revision 1 of this advisory.
547ceb4ef1c1d89b9d16d647e2865c0306004252d0f2fa561617c7dfa92310e2
CYBSEC Security Advisory - Endpoint Protector version 4.0.4.2 suffers from multiple persistent cross site scripting vulnerabilities.
ef0092389df049ef7eb3985f4d8f532b6da2398a44b2cb06c67d4c0a037ddab5
Red Hat Security Advisory 2012-1416-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.
101cacfd82c7dac3ea6d3f99a4197eed000e0c42051e56aed16c17208f1c73a8
Red Hat Security Advisory 2012-1418-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.
6582863cde9c49a0e0bc85184224c6048197a56271a1b5c82822fe8778621d7f
Red Hat Security Advisory 2012-1417-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.0 will end on 30th November, 2012.
c9451315b1ce5338a1748fe923873d9af637d3dfa78f3e93176d908e4589506b
PG Dating Pro CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
2d29ab841271349d3f70693eec7abef53734b54ed8c65588674506854c6b0f6e
Citrix XenServer version 5.0 through 6.0.2 suffer from a privilege escalation vulnerability.
eb3974e68da4195443054f477c4bf3f18f7d35f86b9ec8a0799c51acbb0c4459
VaM Shop version 1.69 suffers from cross site scripting and remote SQL injection vulnerabilities.
b0b18e474c417fd1c040915d886eccf373c7e089f4abd9ab7ba5574762eb53ac
The Joomla Quiz component suffers from cross site scripting and remote SQL injection vulnerabilities.
a4cf9598978b4e508c4901011742af5b2e071f4e07687b1393bd4f8be7d61956
NetCat CMS version 5.0.1 suffers from cross site scripting and HTTP parameter pollution vulnerabilities.
21d9c58badf1220d20cd3097eafaba785483ba2bd3262191fdded25eb9733d84
Secunia Security Advisory - A security issue has been reported in EMC Avamar Client for VMware, which can be exploited by malicious users to disclose sensitive information.
deaac988fa770fc458028bfe0f9f9fe35562dd4d3b67ff7be8a2db044a58ea6f
Secunia Security Advisory - Some vulnerabilities have been reported in the Formhandler extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
875d2cfd25178a58dac0e234b2838f0c47b3d7181a052e23bc535c818b8f624a
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, MozillaThunderbird, xulrunner, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
1fea2bbae517baa23ca053dc1ae64c82fd9e15994a3ee08e24ff219495c1aea5
Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
bdd901343c88160ef5544078a6448e4c838f7ff514f18d3b165c9ba0bf1acd98
Secunia Security Advisory - Craig has reported a vulnerability in D-Link Wireless N300 Cloud Router, which can be exploited by malicious people to compromise a vulnerable device.
0c755c044ff7818095b8456ebfb819b7501699f81f43a2f50268485322346eca
Ubuntu Security Notice 1620-2 - USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.
f2e4e764d882fd6bbb7f865b89f77a72bcbe31d45eecbc5b68c1ddb8b974ee7d
Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
5b38e09956f586c935b4630b82e2cbe5589bc7e004a970632e953834c2293b8f
Secunia Security Advisory - Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
930fea3ca9f7afe619635f17bc6af000f510550568de2821a2f436d3f6684732
Secunia Security Advisory - MustLive has reported a vulnerability in CorePlayer, which can be exploited by malicious people to conduct cross-site scripting attacks.
870733fc405b5be026a1fc2b6bf94d2bace074f3968dc0d1414a4b513b9f048f
Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Slideshow plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks.
cae362d210f74443ff8b56bb92abeac5f7ae52f94e4b5fc060ecb07b665e3b0e
Red Hat Security Advisory 2012-1413-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Thunderbird to execute arbitrary code.
ccae172d860a3458ffe08c0e4d3601ae3a7c6d83f4023e8cca647e1d72557f01
Debian Linux Security Advisory 2569-1 - Multiple vulnerabilities have been discovered in Icedove, Debian's version of the Mozilla Thunderbird mail client.
5a06bd2116ba702863aef57845ec332601a1a47904f725f8392f9f557e438fe5