EMC Avamar contains a security vulnerability that may potentially be leveraged by a malicious user to obtain sensitive information when performing a backup or restore operation relating to the vCenter Server. EMC Avamar VMware image and File Level Restore (FLR) proxies do not verify SSL certificates properly when presented by vCenter and may be vulnerable to man-in-the-middle attacks. This vulnerability may potentially be exploited to obtain sensitive information when performing backup and restore operations relating to the vCenter Server. EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x are affected.
960253ccc6bd345db43360a894017a6964b76e9c567c6ab6c5de909091e08bfa
Unisphere Central versions prior to 4.0 suffer from a large number of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.
ce4edb828cb719a743e51aeccc8b869350ac720be7a173f3e3978c205c139f5f
Asus RT-N10 Plus with firmware version 2.1.1.1.70 suffers from a cross-site scripting vulnerability.
52834296326caf3b9233a242ffe1a865ee9dddc03118fc76297f3bfe0a1ac589
VMware Security Advisory 2015-0002 - VMware vSphere Data Protection product update addresses a certificate validation vulnerability.
0531aeee8d20e6e4def483d5bc261726b7dc432377407392d954630e1a91fddd
Debian Linux Security Advisory 3145-1 - Multiple vulnerabilities were discovered in Privoxy, a privacy enhancing HTTP proxy, which might result in denial of service.
e6db28ba30169786edf2dcf19679ab5a026574a62ab07e73a140bfd7b7124c5b
Debian Linux Security Advisory 3144-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
622b1ffb514cee356dcd2ec27f28c7e4b1b32a3f20afd883039207989ce539b0
HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.
4935d3f1fb7ea8e8542d5095cd4cb2b982b905b4752fdda66d72da48b1f6e88d
Debian Linux Security Advisory 3146-1 - Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occurred. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the Proxy-Authorization header (CVE-2014-1830), or netrc passwords from the Authorization header (CVE-2014-1829).
d12919710b3c1d41c774e5833078bfdcbc449f8d50ae48755845daa5dbf03e7a
Debian Linux Security Advisory 3147-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
8f72aaccb477a21c98ab72ae6ecbad94d77750711480b0a4c5c4c91781281f8c
Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffer from a remote command injection vulnerability.
3bc3eeac36113e210abe514dc8172c9c2bb90bb59bbe5d343e9ac303b7490024
NPDS CMS Revolution-13 suffers from a remote SQL injection vulnerability.
142ca9db88be9cf3d50167d0e6ca107fc856238d9b989d450adedf97f40190cc
This is a whitepaper discussing mitigation of the Ghost glibc vulnerability as discussed in CVE-2015-0235.
77fdf5e2024f2bd5d09207c0e6a1b4251255bb6447af8bde63b893affd58ba12
McAfee Data Loss Prevention Endpoint version 9.3.200.23 suffers from an arbitrary write privilege escalation vulnerability.
b96f5506ade3562db4422d9d10574de13efea0a185c340127a4a630ff1c8727d