RSA Data Loss Prevention 9.6.SP2 P5 contains fixes for multiple security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include information disclosure, cross site scripting, and clickjacking issues.
99d1d2560ecc40f12dd6ecd45800c989WordPress Advanced Custom Fields plugin version 4.4.7 suffers from a cross site scripting vulnerability.
1d06c368059fb88e0eb7e756377c885bHP Security Bulletin HPSBGN03547 3 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 3 of this advisory.
757524927a6673094cb2d8fa759c4cbeUbuntu Security Notice 2936-2 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. Various other issues were also addressed.
3bf270eb158f27c30fe86ab140838c9cGentoo Linux Security Advisory 201605-1 - Git contains multiple vulnerabilities that allow for the remote execution of arbitrary code. Versions less than 2.7.3-r1 are affected.
deca772986365cfb296617c1da0b7000Ubuntu Security Notice 2957-2 - USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Various other issues were also addressed.
7c4d43bc8753e7b5d46d617f064946c3Ubuntu Security Notice 2957-1 - Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service.
fbd4f04ae892225bee3faadd8633f485Ubuntu Security Notice 2958-1 - It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. It was discovered that poppler incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Various other issues were also addressed.
f4199826a8346f253e3a2d607616801eDebian Linux Security Advisory 3565-1 - Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.
cd50012514d39abd7cf811008e3da768Debian Linux Security Advisory 3564-1 - Several vulnerabilities have been discovered in the chromium web browser.
43eb711451915f9aeee0332249c6cfb0Red Hat Security Advisory 2016-0708-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP25. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
91c202c500925b18d83df4e3af9b20c1Red Hat Security Advisory 2016-0706-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository.
f9b1ff5d1677d865a51f97532864511eRed Hat Security Advisory 2016-0705-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.
21299b34846d2fb5e35d8a961a2bb1afRed Hat Security Advisory 2016-0707-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.94. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
e71be515928e819c07d05adf7fcd1b99Debian Linux Security Advisory 3563-1 - It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.
4a3dee8565ee4ab5f9b469b1756efe2bRed Hat Security Advisory 2016-0704-01 - In accordance with the Red Hat Storage Support Life Cycle policy, the Red Hat Ceph Storage 1.2 offering will be retired as of May 31, 2016, and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including Critical impact security patches or urgent priority bug fixes, after this date.
bcc9e0a3a07ef3d5be9a9cb76bc6fac6Debian Linux Security Advisory 3562-1 - Several vulnerabilities were discovered in tardiff, a tarball comparison tool.
cc2a76fc513cf52bf3f4c9dd5de207deSlackware Security Advisory - New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
dd68e33205b2369ea8fb93e022b7bc3bSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
732feb7bcd9c559f3fe4bace4844ed1bSlackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
b41d6e6d104e4c44bb9be1e98e1f332dAnsvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
f1424cb108c0d4a01cd5f49c2993b8afAcunetix WVS 10 remote command execution exploit that gains SYSTEM privileges.
7b159668588b997e8bdbcab970b6532cLocal privilege escalation exploit for Qualcomm's Secure Execution Environment (QSEE) that leverages PRDiag* commands.
55a25c43b01fb4396d7212d488b2a910WordPress Export to Ghost suffers from an unrestricted export download vulnerability.
455e4a4fd7ff1f46343819ed01203196VBScan is a black box vBulletin vulnerability scanner written in perl.
c1649d6f39cb0e909b68b01e771909b0
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed