WordPress InfiniteWP Client plugin versions 1.5.1.3 and 1.6.0 suffer from a PHP object injection vulnerability.
74ff5245b2d5c61d42d72ec48e5ef102ec8f33a14a671e780a71faac3de023c7EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. Various versions of the 7.x.x.x releases are affected.
e90fe55e4ac1ce95d60fef53ca4d18d4e23e188f99c4a0a9d995592b077bef24WordPress CMS Command Client plugin version 2.21 suffer from a PHP object injection vulnerability.
7625040df4e8cd693c4e1f946eb49f919e552143bf24eb14f8dfd937809d5dd3WordPress Google Forms plugin versions 0.8 through 0.87 suffer from a PHP object injection vulnerability.
ae94630680f1e42c5eeb8f1edcd5f27fe6bcea14d0a2979fd4b00f7a0817a4a2OpenCart version 2.3.0.2 suffers from a cross site request forgery vulnerability.
8e30f83b2ffe57959ff9f9854a4e605a27ee7efbc48ea1739cb3bedf09e55d23Gentoo Linux Security Advisory 201701-65 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, the worst of which may allow execution of arbitrary code Versions less than 1.8.0.121 are affected.
1d411c67045468f66d9be8f87af444135bfe4edb5ff40c3d978dceeda485b1e7Gentoo Linux Security Advisory 201701-64 - Multiple vulnerabilities have been found in X.Org X Server, the worst of which may allow authenticated attackers to read from or send information to arbitrary X11 clients. Versions less than 1.18.4 are affected.
73e2e4f1303187d367e8f18e99cdc9c6afef497aaa8fe6fed6db24b7ecf4f370Red Hat Security Advisory 2017-0191-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.
5ef45ba4c4459be94e2c6736d80d19748c391b48f908d25e7ec5b81775e18389Red Hat Security Advisory 2017-0192-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.
f5a4a7baea0c8d806ae99d96ea51b8054ba30cb5ed3ac794f4ae47c8baa364ebRed Hat Security Advisory 2017-0190-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.7.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
92a75711d8c764d53700932ba5fa362465c3ba99f2a33e3f058ccf0ea605a3deHP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.
864bcff09d4a86c839035348112fa45614c1f5e5a95ea128a61d9122002eb2f1HP Security Bulletin HPSBHF03695 1 - A security vulnerability with the Ethernet Non-Volatile Flash Memory (NVM) image in Intel Forteville-based adapters has been addressed by certain HPE Ethernet Adaptors. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
2ef48a83b40449f8fbb254829043b60e5e679b066dd69b0e0d85eb8600f804a4Ubuntu Security Notice 3179-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. It was discovered that OpenJDK accepted ECSDA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. Various other issues were also addressed.
6bda3d62c1c8c78bd4f6b0e8698e7c3cd70f29a93396246928e224431ea0e83fRed Hat Security Advisory 2017-0194-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements.
87174b8450d231a37911132f24e96b986faf624c7b0a9cba8fa385f524dd7b74Red Hat Security Advisory 2017-0193-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements.
add426ec965f995c831f757bb8748e79a3bfb0db3b46802a9cf9ad5be73448c2HP Security Bulletin HPSBHF03441 2 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3, HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities are remotely exploitable. Revision 2 of this advisory.
725dda88fc75de2dd666620311ad115afdaf41691da1310e0ffe965f13f3659dWD My Cloud Mirror version 2.11.153 suffers from remote command execution and authentication bypass vulnerabilities.
b6e6e9435d35488c27f70634c1ba1c1a4fb0d74f1203dc7d4d19ef05043a7bafThis essay takes a look at a selection of network anonymity systems including VPNs, Tor, Freenet and I2P. The different systems are explained and then compared and contrasted with each other. A number of issues are considered for each system including ease of use, popularity, strength of anonymity provided, and potential attacks on the system.
a4e13aeaa32d0f23f46e8a5422c6a62f47a566f7de1f2f87f6b1a2306e58ba82Apple Security Advisory 2017-01-23-7 - iTunes for Windows 12.5.5 is now available and addresses code execution vulnerabilities.
4c501fcce5004df66bab08bab466bc67e6321f8c5999863d097303011f483d4f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed