HP Security Bulletin HPSBGN03537 1 - Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent and IceWall File Manager resulting in local or remote Denial of Service (DoS). Revision 1 of this advisory.
ebea45214162925e8f3d50ace17003491095900b48925fe3074d9826ec4e1056HP Security Bulletin HPSBGN03536 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS). Revision 1 of this advisory.
2b99681ebceb60a46689371fde54d86a3e769390a65f85b7ce1aa4c7cd8a15f5Ubuntu Security Notice 2881-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.47 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.28. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
2bc88c19395de03b53cc27be86ee9d916d59636a332c27b8889e4275eb2bf8f0Red Hat Security Advisory 2016-0068-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
a07b4108920a1a2338a16ff91d6e7e04a130bd0cf8a5cba9c45831962774c097Red Hat Security Advisory 2016-0067-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions.
5a73dabf964f8b9c55826c2d74679c05094670f939d52ee34c592a2bc2ce38b9WordPress Appointment Booking Calendar plugin versions 1.1.23 and below suffer from a shortcode remote SQL injection vulnerability.
0c5cdf3268781bb2f238da8e18318c0012ae4af07a426704ca51e73453e1392dDebian Linux Security Advisory 3453-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details.
2d156a19b4ccb3e66b5900f59b4af5acd70b43682b720523406cdeeccb8d242bglibc catopen() suffers from multiple unbounded stack allocations.
caf84b9ea8ebc32c176093e05bebacaad33f8ab3e8422e642de67c6796682c46WordPress Easy Gallery plugin version 4.1.4 suffers from a cross site scripting vulnerability.
08b01aecf80327e52e023ead562b195bf63c36581f10efd0cf27896839fe3d55Apple Security Advisory 2016-01-25-1 - tvOS 9.1.1 is now available and addresses code execution vulnerabilities.
acd3e8a52eac75ad1c9e6428d66ac6c867dd3033b9ea268617af912620d66be5Magento versions 1.9.x suffer from a man-in-the-middle vulnerability.
1a8ec89508ab76d3e1690d5c566a439a7120f88d7945d716564e509ba86b8747PHP File Manager version 0.9.8 suffers from authentication bypass and code execution vulnerabilities.
65273401e57b33b4f6cd1df07fa16fbea93fa1f5b6c5d27ff3f44a84188080a5BK Mobile CMS version 2.4 suffers from a cross site scripting vulnerability.
6316023a14832b630910034da391c1463e0cc2c14f5c9ea6d8d1fb5d0232aacbPacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
68eb4cc07efcad7a52f59f2fe9f23dac1d4b3fb36b00d06da064390a06138a92Red Hat Security Advisory 2016-0066-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems such as multiple databases, XML files, and even Hadoop systems appear as a set of tables in a local database. This update serves as a cumulative upgrade for Red Hat JBoss Data Virtualization 6.2.0. It includes various bug fixes, which are listed in the README file included with the patch files.
5ae966565fa436e27ce6e9b583f52610d519b771d6a1c3bf01a621c2735bff28Red Hat Security Advisory 2016-0065-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
e06a6f3cf7b7997f1003f2eab8522a00f4a3ea8980f9362438c772dbe0e2962b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed