Apple Security Advisory 2016-02-25-1 - Apple TV 7.2.1 is now available and addresses code execution, information disclosure, access bypass, and various other vulnerabilities.
bf6f4fe66d502f5d2cfe52364aee2616a8b6313109616db2da1627ad5a4b40a6WordPress WP Ultimate Exporter plugin versions 1.0 and 1.1 suffers from multiple remote SQL injection vulnerabilities.
16a39c93c4c118309bb6382bf258c1c0fa954639322ef7c55a3a052d1c3848afCentreon versions 2.5.3 and below suffer from a remote code execution vulnerability.
3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586Debian Linux Security Advisory 3492-1 - Daniel Gultsch discovered in Gajim, an XMPP/jabber client. Gajim didn't verify the origin of roster update, allowing an attacker to spoof them and potentially allowing her to intercept messages.
6458ae433eb2d65cf2336d02a0482c8bb4abd3984d7aca3b17a9f73a7114422bRed Hat Security Advisory 2016-0297-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on February 28, 2017. Red Hat will not provide extended support for this product. Customers are requested to migrate to the newer Red Hat CloudForms product prior to the end of the life cycle for CloudForms 3.0.
904c22b05f19c5f99c4de16fbb194e475d9a3ddc6e10364eda2ee73976d76874Debian Linux Security Advisory 3493-1 - Gustavo Grieco discovered that xerces-c, a validating XML parser library for C++, mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. These flaws could lead to a denial of service in applications using the xerces-c library, or potentially, to the execution of arbitrary code.
65b274c933d90cefe3382f57ce846303ac98c8a5232db435954e456e7b506eacInfor CRM version 8.2.0.1136 suffers from multiple cross site scripting vulnerabilities.
b48e22c74e47621c31af3403d86e083a3f1abc5563fc2dfe8d627d1b581db34cZimbra versions 8.0.9 GA and below suffer from a cross site request forgery vulnerability.
0da0fe882cf7354bdf4be9e8dafb2bb44b40c75b431e52698d358584cb94db05HP Security Bulletin HPSBGN03549 1 - HPE IceWall products have addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
5c0bafbdb117854cb467fe44692de91315ec03062242458e577de6b74ec77e61Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.
e1b46b0ad4d6efc49d1a685645e3212963cbee25ea12b9f3f64dee6c50699a17Cygwin suffers suffers from a dll hijacking vulnerability.
24171614c6478bf8aec76c25acdb2fc75fc734452867fb86432651acd0df8e10Various D-Link and Netgear devices that make use of the FIRMADYNE framework suffer from command injection, buffer overflow, and authentication bypass vulnerabilities.
e1f65451595116919451f722284040e48ed00ae6e1c4227dd28831ce50e8f637Google's Chrome Cleanup Tool suffers from a dll hijacking vulnerability.
e2bde11264a28f5ba73ff12c3c7437fc0631264903401454d76b59f90187c3bdGIMP for Windows suffers from a dll hijacking vulnerability.
ac97dc5b648db74d6ed97b0c86498de3904d37cb7b8d8c613ef2aa9e05f1cefeThe Linux kernel suffers from multiple privilege escalation vulnerabilities.
0b1307cf1bccf05f7afed496f827ea994587f2a9aabae71db2922ee6a1d127fd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed