Secunia Security Advisory - A vulnerability has been reported in libvirt, which can be exploited by malicious people to potentially compromise a vulnerable system.
745124e07efbc9a073c26da55cce47a655a01e2796a59fd93f0aff3a72d75efeSecunia Security Advisory - Red Hat has issued an update for rubygem-activesupport. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
f3d7078d3cf0a20d985472f1fdc53b66b74c96051b8b4671339dc41102a89af6Secunia Security Advisory - Ubuntu has issued an update for ffmpeg. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
e1ff122a88c54155c71a58d78833994b525b8e9f56ef9073292bc707c3b359b7Secunia Security Advisory - Two vulnerabilities have been reported in Symfony, which can be exploited by malicious people to compromise a vulnerable system.
38c9e43a5b9f8023220849289de8c8ef89f56af8e1a55a0e5694c9dcbfc7d8cbSecunia Security Advisory - A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).
2d0aa8eff7c68934048cdf9b9b664df016672f45e7126aead14b00c428e92ee8Secunia Security Advisory - Junaid Hussain has discovered a vulnerability in the SolveMedia plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.
f1a22067428b97770336fc3844a27c0134696405a3eb8250b6a3346d3f8bcfc7Secunia Security Advisory - Ubuntu has issued an update for libssh. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
7270662bfd73dc1abd94d5b8a3a40bc34dd88b721f38401e99d507209844dec5Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere Message Broker, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
7588dd596008f36665dd121fe499bc546228d65b930f3ad91025e6e6e237a0caSecunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
de476f7d369b16edb237506430b1a189fa7102ba1f02365997d72587783506c3Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Directory Integrator, which can be exploited by malicious people to cause a DoS (Denial of Service).
564fe0fa8884922975dfcacb1158acc7d99addeef19447001188ea5a76b276b6Secunia Security Advisory - Rapid7 has reported two vulnerabilities in Portable UPnP SDK, which can be exploited by malicious people to compromise an application using the library.
60b12f77e6a02e68eac2bc58f4a3d6ae3a3fcb9079974300c0a08fbf73f18d13Red Hat Security Advisory 2013-0202-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.
677405cc6f27592547c54fbd53303da5f833360860544cfa0aad5d9de7076d40Red Hat Security Advisory 2013-0201-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.
7085d262054b23233cc05f55745aba2be87d32348b742f0737def218a860a95fRed Hat Security Advisory 2013-0199-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in the way libvirtd handled connection cleanup under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user.
9b0926897ef2c7c11cb24ab1e055d63e9d0b4aadfbd76cf8b9d00499296212ffUbuntu Security Notice 1707-1 - Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.
2a67a8edbc2942f40a6dcc4eeb9ad04e3853fe87333ab4951b991ce2693bdb61Ubuntu Security Notice 1705-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
4885c6e712460bcef65d5c15506b834d318ec8d4e98ea5c8a29dbac7b3d7f433Ubuntu Security Notice 1706-1 - It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
9fe873a5ded247a9a0c01b7c9af80f73385c2e84994963b98a0704bb73eaa47fHunt CCTV and generic brands suffer from a file disclosure vulnerability that discloses authentication information.
14b74ae440b4a6e07d0a98ee13f99a611c71523e6ac3e975712c53334e4ca50bKohana Framework version 2.3.3 suffers from a directory traversal vulnerability.
ea06955b013046f6fb45f73dc70e9f96d73e7d9d2dc5ae38af913fe70c4fa2f7Mandriva Linux Security Advisory 2013-005 - Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via the x string repeat operator. The updated packages have been patched to correct this issue.
a30259c8c48c9d4f240f41c98a0bacfa483a7a6f42946a30309aa57aa4c6b8ecException-handling and input filter bypass vulnerabilities have been detected in Fortinet's FortiMail IBE Appliance Application versions 200D, 400C, VM2K, 2000B, and 5002B.
a7f37e90cd1bb9bf20490bf181d3c23bf5514eb7d341e42a733e7a2989dc440cnCircle PureCloud Vulnerability Scanner suffered from bypass and cross site scripting vulnerabilities.
d0981aa4c5de3af0ee27372b710e88674902e0a7e5c20ed0ad8cebb12d5f460aPayPal suffered from a persistent script insertion vulnerability.
94a509e5cbb5161d8060abd3385a8bdff995a376f1b0272a7ceeefe20b90587dSecunia Security Advisory - A security issue has been reported in some Hitachi Cosminexus products, which can be exploited by malicious users to bypass certain security restrictions.
f7f63c30907d30119a975529a141772b6a6dabdc64c7b35fae221d64bafb0133Secunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported in FFmpeg.
369e656326f644487f0a3ef70b3553bcc55c64ae2b38da43232ceb1bd7ac5f7a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed