Ubuntu Security Notice 2098-1 - Florian Weimer discovered that LibYAML incorrectly handled certain large YAML documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code.
cd079ff287b56169602f2067e0d08f11
Gentoo Linux Security Advisory 201402-4 - Multiple vulnerabilities have been found in libwww-perl, the worst of which could allow attackers to execute arbitrary code. Versions less than 6.30.0 are affected.
ce1ac446cc69b4b3c4a078b7c17d7a39
FortiWeb version 5.0.3 suffers from a reflective cross site scripting vulnerability.
2959bcc07d5aab72bb3895e457fbaa0f
Inteno DG301 routers are susceptible to a remote command injection vulnerability. Proof of concept included.
3f1f97f40ed0fa4bcafd8c9e709c0dd9
FortiOS version 5.0.5 suffers from a reflective cross site scripting vulnerability.
15797465fe68a9920ed1b3f8a879d740
Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
6ba4718d9e1eda0d3208fa098c86e237
Red Hat Security Advisory 2014-0136-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
ede62275d33d7a1ea92f56a9c1221987
Red Hat Security Advisory 2014-0135-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
49b8620cdbbb75069815773cf6794778
Red Hat Security Advisory 2014-0134-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
c64feed8c4e6bca9dbd394d3e665af34
Red Hat Security Advisory 2014-0133-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting attacks, or could potentially be used to gather authentication tokens and other data from third-party websites.
5faaf30919d8a3a988df937a80074d39
This whitepaper discusses the various types of cross site scripting attacks (reflected, stored, DOM, and mutated). It also encompasses 16 solved challenges. Written in Spanish.
071d92472fbef9935eb1271e3086f5df
ImpressCMS version 1.3.5 suffers from arbitrary file deletion and cross site scripting vulnerabilities.
91440de1f233eb770e5ff37684693d46
Red Hat Security Advisory 2014-0132-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting attacks, or could potentially be used to gather authentication tokens and other data from third-party websites.
26a8fd133e7e6491de4417f572bf4efc
Red Hat Security Advisory 2014-0131-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 3 was retired on January 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 3 ELS after January 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. In order to provide customers with a final opportunity to migrate their systems to a supported version of Red Hat Enterprise Linux, the retirement process for Red Hat Enterprise Linux 3 ELS will complete on March 31, 2014. On that date, the Red Hat Enterprise Linux 3 ELS channels will be moved to the "Retired" channels area on the Customer Portal, and customers will be unsubscribed from the Red Hat Enterprise Linux 3 Extended Life Cycle Support channels.
05485daeb8ebca3c02f3925720fbd7ec
Contao CMS versions 3.2.4 and below suffer from a code execution vulnerability.
3c94116f1ec3e13bf6fc2b6e17ad237c
pMap is a tool for passively discovering, scanning, and fingerprinting hosts on the local network. Included is a precompiled Windows binary.
918a11d4cc002487701f8df7c62116fc