Kanboard version 1.0.5 suffers from a cross-site request forgery vulnerability.
8c31e63144f9219b29c5bbd68e400479b44a647e0274d0bdb3dced07c755f215
Ntop-NG version 1.1 suffers from a reflective cross-site scripting vulnerability.
c63a9f01cd4e6e39a33d31769307ba8f6ac0d9482ef45a69dbe6a335dc921fcd
Invision Power IP.Board versions prior to 3.4.6 suffer from a reflective cross-site scripting vulnerability.
8fcf37595878178616cd9bd4907703439ef3d34270217804ec67994facffd96b
Cisco Security Advisory - Cisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by privilege escalation, default SSH key, and data manipulation vulnerabilities.
b63aea4cea9a57a97f59b74232580944f928061d1f71d05f24bac007e4c2e811
HP Security Bulletin HPSBMU03055 - Potential security vulnerabilities have been identified with HP Smart Update Manager (HP SUM) running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
02b0a1928a87117f1fa493f08a54b1d05eabf305e668a1cba7e4dd009b30814a
Red Hat Security Advisory 2014-0827-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly.
6be219eacce9042e12fe2cef9b4b259d2fd41c107909a8587cbfd4ff0f5baea3
Ubuntu Security Notice 2265-1 - Abhishek Arya discovered that NSPR incorrectly handled certain console functions. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
e8ab311096e635e89cde8a1429ab04661e831c908dc394065ae930cd72aa18e1
Red Hat Security Advisory 2014-0830-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.3 was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.3 EUS after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 6.3 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on a currently supported Red Hat Enterprise Linux release.
747f9a282bcb048674e0cbb5dde0634b466106ed04308f39daa3b9c708ab7f19
Red Hat Security Advisory 2014-0831-01 - In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 1 after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 1 after this date. We encourage customers to plan their migration from Red Hat Developer Toolset Version 1 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product.
63ca1e074462a7c1ac479a0bccd85da774c883d763ce5ab04e439ce66e5ee48b
Digital Whisper Electronic Magazine issue 52. Written in Hebrew.
875d6a96a0803a3bf23ed4392d89ce2f4eea989fcabade63845d0b6e7345b115
OpenDocMan version 1.2.7.2 suffers from a stored cross-site scripting vulnerability.
9f332c895e8166ec8e2320d9eefc0078f0941cb2d7bf695a536c577547ad88ba
Zurmo CRM suffers from a stored cross-site scripting vulnerability.
5bafb730d7c5a12c4e063d964b11386904a272a2960a0f02da3d188b2af16e88
CMS ContWEB suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
c9abd3e81a9b22621cdeba959f32fae9d24c436ccf9b1e7c0905401f15456aed
EMC Documentum eRoom versions 7.4.3, 7.4.4, and 7.4.4 SP1 suffer from a stored cross-site scripting vulnerability.
2feb0e0ae1f3b4bf4901b9d29a9302b8d7ace1f7a348bdb8ed228d639d762b73
Kerio Control versions 8.3.1 and below suffer from a boolean-based blind remote SQL injection vulnerability.
d4d98173a943d8ee530289ee12b942c4886ee315e765bc6d6df98b1e65bcce1a
IDGuard is a platform for preventing network-layer fingerprinting.
e74cff8ac02aee2f88120d537a2045f22432fb21ad7ce9105643543c75bcce95
Whitepaper called HTML5 Modern Day Attack and Defence Vectors. This paper analyzes most of the features introduced in HTML5 along with the vulnerabilities each feature introduces.
8513f4316667a90362b7aad6528db9107c77904abf213c45d1e612037dd3eaf3