Kibana versions prior to 4.1.3 and 4.2.1 suffer from a cross site request forgery vulnerability.
6045ea2c042b81972ed4a68e93347e2b9910ce5897698ea762510910c470cac1
VMware Security Advisory 2015-0008 - VMware product updates address information disclosure issue.
1c1a650290da77afa5cfb03bf88b3028205f532ac7c23a35fb455c034ad606fa
Red Hat Security Advisory 2015-2078-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.
aac049a21ae427bf24643576d8701e697cfabc9ea4d02e806cb365d534decbce
HP Security Bulletin HPSBGN03521 2 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 2 of this advisory.
e92f97e1cfb23f448556b38e851e40c4fae3071be411c7a5e4dfb582b77d66c5
Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.
fc770fc5d8fb31cbec5d8f894af8183e571f9cdcc0236dffad328691216700da
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
90026c761a85701d7783c7e2eaa4c1de247dfbadbd53221df355f121e42691dd
This Metasploit module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0 (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF6; see references for more details).
f329ba79799be3587e190db0a03ebd17f524e5bca267576582b6c1d628f1c3ce
IBM i Access for Windows suffers from a stack buffer overflow denial of service vulnerability.
11b7e54cc3e17a00c343563a50236ca59bcf4030efc0d0a5c7c6a895e9014571
IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC.
c580fc339b55fe7d4d1b8c410eb204c7360f55941a779e5f137933f2389ba06d
Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.
c4fc067423fe364eb06a86f8f53f8d241025ebcaec8ec8d5e2dbc2baea883140
Adobe Premiere Clip version 1.1.1 suffers from a filter bypass vulnerability.
51ff395ba796da8216a974270c7449690e7f1776d4051a48b6068c307b81af02
Red Hat Security Advisory 2015-2068-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
fe60a25cea587409eb3e69819ff10f018734fe33d7f5c69935f661f1071aa61d
Ubuntu Security Notice 2814-1 - It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges.
9cea44ac231bd8392a6ff769542f3eae7053e40d8eb4017356111b4dc0c88e83
Red Hat Security Advisory 2015-2077-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.
b8119ca3b76675c365e5ec6e10e97a27a6c8163ea9d7805cb835c9fc98116c8b
Red Hat Security Advisory 2015-2083-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.
c9f88ba809baf90f4a629479a98d8482fd5274e5a0d331f3a4316e0f0531d8a8
Red Hat Security Advisory 2015-2081-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
a9a97fccebbbe72476920331ce502e8ceb3f18514137ac2cdace7209eb1dcd74
Red Hat Security Advisory 2015-2086-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.
688052df79cb50ce4f3ff4ec55819b330ffd2d39fb32fb8e3b13e6ff8eac86d2
HP Security Bulletin HPSBGN03521 1 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 1 of this advisory.
2598d6a322739b3a2a0f9c9ce43bb8a1333a17d53479b18bd2784b21225a9fdb