Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.
1e5ea6ababa53a368f6ee034d8c4f08f4e032acffd627cadd356717cfecfc988X2Engine version 5.0.4 Platinum Edition suffers from a cross site request forgery vulnerability.
f6273835fcbc357b84db088dd67b35d761e655a071f007034509965aad09b06bDebian Linux Security Advisory 3186-1 - It was discovered that the Mozilla Network Security Service library (nss) incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack.
7294ffa98790572d8f3abed1868667796a0c483dfdc3d3fb6c341a264192e061HP Security Bulletin HPSBMU03262 1 - A potential security vulnerability has been identified with the HP Version Control Agent running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited to cause a Denial of Service (Dos). Revision 1 of this advisory.
3070c93bed6df14907b630c3ebe05a9126aa3b2daaf9c039c582f171e5459ee0HP Security Bulletin HPSBMU03283 1 - Potential security vulnerabilities have been identified with the HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited remotely to cause a Denial of Service (DoS). Revision 1 of this advisory.
e27dcfd6cd09d50186dec0335d199a458b61fa56be2ef9e1fe57e6eb379a654aHostingTakip version 3.0 suffers from a persistent cross site scripting vulnerability.
e84df106491146ae09a5324d7fd4008af8c5914b682af96382f69c5222426db0HP Security Bulletin HPSBMU03259 1 - A potential security vulnerability has been identified with the HP Version Control Repository Manager running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
e66580f50053979a4ee06fd4efe139a4830d38cf5306fda4554c8a9b541a4454HP Security Bulletin HPSBMU03267 1 - Potential security vulnerabilities have been identified with the HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL. These vulnerabilities comprise the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
5570b2af5b9b8cf9e59116ff814ca6462db2c1e427ac11943e2afd22e6120ee4Mandriva Linux Security Advisory 2015-058 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. Various other issues have also been addressed. The updated packages provides a solution for these security issues.
9e3286645b07ba09497f299f4db502238c2d94c89713da2d000ee34aeb276a28This Metasploit module exploits a vulnerability in the IPass Client service. This service provides a named pipe which can be accessed by the user group BUILTIN\Users. This pipe can be abused to force the service to load a DLL from a SMB share.
b5d8f54940bc4ede44feb2e40c9032e54af84e76987e017af72d9a90a42d3fdaAlkacon OpenCms version 9.5.1 suffers from a cross site scripting vulnerability.
41e618a34618c4ea7f427c631a2d3cceb9a56206a46ab3e6be6915dfa1f435afWordPress SEO by Yoast plugin versions 1.7.3.3 and below suffer from a remote blind SQL injection vulnerability.
89502f8d9383075084f39e19b7cba82ec0e7453af24a56aba620e367db699048WordPress WPML plugin versions prior to 3.1.9.1 suffer from remote SQL injection, cross site scripting, and page/post/menu deletion vulnerabilities.
ba54a3b1a46db6292b5bd15e0b1a454fed02128f7e7bf7ce3995d4fa7d872962Codiad version 2.5.3 suffers from a local file inclusion vulnerability.
138cade715f049322ab7684bf6eca673c9ae52712b00162f8344967ae914782biPass Mobile Client version 2.4.2.15122 suffers from a local privilege escalation vulnerability.
bd007d26621d154125e049c9012e6a55d1250112d7f68cf635a95297806bc04aCkeditor version 4.4.7.x suffers from cross site scripting and remote shell upload vulnerabilities.
ff9f0475f02a2da2c698414df7fb0c688da73c1d1cf63ce8051b290f339e9813Debian Linux Security Advisory 3185-1 - Multiple vulnerabilities were discovered in libgcrypt.
6ce9b887c204b8096051a3210b40087e29d2d0a48576ee311154e2278f174168Debian Linux Security Advisory 3184-1 - Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard.
13c6d025c2d9c1babbfd6860c323e1e6fb7e4b31a5784250a5d788a74db32f6dHP Security Bulletin HPSBMU02895 SSRT101253 5 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 5 of this advisory.
e50dd995f1f6f713a3f3629e34b81f5ba16eeee02fe373e72089093cdf4ec49dHP Security Bulletin HPSBGN03249 1 - Potential security vulnerabilities has been identified with HP ArcSight Enterprise Security Manager (ESM) and HP ArcSight Logger. These vulnerabilities could be exploited remotely resulting in multiple vulnerabilities. Revision 1 of this advisory.
a1fcb6710194bea41a6157ec927e5e7a8625608e6de1114603ab1e43103da423Debian Linux Security Advisory 3183-1 - Multiple vulnerabilities have been discovered in Movable Type, a blogging system.
592285dca6bd1637579875edf0125b54ba6eea6444a6e82c168ebfdfbaf2fa79
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed