Chevreto Upload Script suffers from cross-site scripting and user enumeration vulnerabilities.
652bb56ffcc83e4e9f8c891a98b7b9a5ded3cf4471aced7d86d312e0ab0daf48
Debian Linux Security Advisory 2468-1 - It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.
920a70bfc04b0acc0425ec067ac9afcca3536a5264b0f2d72e8aaeffc68e9fde
Debian Linux Security Advisory 2422-2 - A regression was discovered in the security update for file, which led to false positives on the CDF format. This update fixes that regression.
da5587655e5758f4b0e013bb717efdacb652bee005900188f3319cb5f1be004b
Debian Linux Security Advisory 2467-1 - It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regard to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdPs.
5dee642e0bd8295239c7653b2351ced32900bd0db2c2ba222a7b00678aca31fd
Debian Linux Security Advisory 2466-1 - Sergey Nartimov discovered that in Rails, a Ruby-based framework for web development, when developers generate HTML option tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document.
45fc779659d12b3f4006e50d93f3790391de6edf2d1948ba64eb85d6500c30e4
Debian Linux Security Advisory 2465-1 - De Eindbazen discovered that PHP, when run with mod_cgi, will interpret a query string as command line parameters, allowing arbitrary code execution.
132dc392faa1d0ed24275c516bc3f43d8f2d89f20f9fd699ba65d12b22ac8edd
video-entropyd is a program to add entropy data from video4linux devices to the kernel random driver.
aba6255ddb32cd376c785128a7e850fb51b6c1d7fe3f4ba765abc0c50ec67d7a
Secunia Security Advisory - A vulnerability has been reported in the Glossary module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
62ed63fbe79eb110f527ee4884523db71d7d4ef939846f2274dc494dce34a6fe
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
d882890023babb38e6f8be453cbe7f8a029014de44cb8cbfe52e84d9900d1c55
Secunia Security Advisory - A vulnerability has been reported in the Take Control module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
2bb91d04e18e5083fa0af8235d5f3660649a53bd404fbb7eab5c7ae7d95d0a23
Secunia Security Advisory - Debian has issued an update for libjakarta-poi-java. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
233f2743e53dbf983823995425586b3556d35d157dcd31fb2b97dd58e028236f