HP Security Bulletin HPSBGN03537 1 - Security vulnerabilities in the libXML2 library could potentially impact HPE IceWall Federation Agent and IceWall File Manager resulting in local or remote Denial of Service (DoS). Revision 1 of this advisory.
2d97cdc3ee35463f4e4c2f45765df4afHP Security Bulletin HPSBGN03536 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS). Revision 1 of this advisory.
1bf6e4ef805d77a6fdaddf986eb72261Ubuntu Security Notice 2881-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.47 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.28. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
d0f7c6a3129613781c586188f8996dd8Red Hat Security Advisory 2016-0068-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
90b1526b8906c2e2d3bc467d646aaefbRed Hat Security Advisory 2016-0067-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions.
96d6f2ec40398d3cb3b8d7a66a81fe1aWordPress Appointment Booking Calendar plugin versions 1.1.23 and below suffer from a shortcode remote SQL injection vulnerability.
43a554bb1fe05c73f363f9e83707cf5bDebian Linux Security Advisory 3453-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details.
090c9e07ed6b1fb496e01cda25dd8610glibc catopen() suffers from multiple unbounded stack allocations.
29122a42dc712a3bab33f35587fc0f32WordPress Easy Gallery plugin version 4.1.4 suffers from a cross site scripting vulnerability.
28688bce69fbfc6ba7a3411c2b946f64Apple Security Advisory 2016-01-25-1 - tvOS 9.1.1 is now available and addresses code execution vulnerabilities.
15f2bdc1c358231927f6db6019c16330Magento versions 1.9.x suffer from a man-in-the-middle vulnerability.
d4629aef37844f685b215972a6c2c381PHP File Manager version 0.9.8 suffers from authentication bypass and code execution vulnerabilities.
34ec1229128a3f5e38806e1464eaf74eBK Mobile CMS version 2.4 suffers from a cross site scripting vulnerability.
996eeab5ee74bcb84a5f179158e516d3PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
3e6973197406ce65172043e308800be5Red Hat Security Advisory 2016-0066-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems such as multiple databases, XML files, and even Hadoop systems appear as a set of tables in a local database. This update serves as a cumulative upgrade for Red Hat JBoss Data Virtualization 6.2.0. It includes various bug fixes, which are listed in the README file included with the patch files.
392bd20d0e6a6ec5f710a01ef61b92d7Red Hat Security Advisory 2016-0065-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.
546d5eddfb22ac40ec2f507a96158285
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed