Gentoo Linux Security Advisory 201311-9 - Multiple vulnerabilities have been found in FreeRADIUS, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 2.2.0 are affected.
57bcce463337b741d7d21b72cef8fb2112833dc0e82e9e2ffac188cc8c2cd7ed
Red Hat Security Advisory 2013-1519-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. An information leak flaw was found in the way the Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible.
b7e3670d1883b8a69860346779ea0650b4c74cff69296f9794b964c54532bad5
Zikula version 1.3.5 build 20 suffers from a cross site scripting vulnerability.
d4aa7a019d25c876743342db6f2f79b44ee7b8795498b59486f415c5a8de7698
Gentoo Linux Security Advisory 201311-8 - A vulnerability in Netpbm could result in execution of arbitrary code or Denial of Service. Versions less than 10.49.00 are affected.
ea8452d7a1cee55fb0d6a0685cf72c7fe00baa2d82e6e1e8656247eb497acac8
Red Hat Security Advisory 2013-1518-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-26, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.327.
178b171f3369f1af2726ea0d63663fd56d037b6043e9271330d369a6b06ba904
Ubuntu Security Notice 2029-1 - It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files.
e46f28c46612b15cb45c3973ca0a42be6548193b0092ba892008a75ab4d2f9b3
Gentoo Linux Security Advisory 201311-7 - Multiple vulnerabilities have been found in Blender, the worst of which could allow attackers to execute arbitrary code. Versions less than 2.49b-r2 are affected.
895983cec8d709bd182528490c8480f44f15829aec91e36fe248418bc732dbc2
Debian Linux Security Advisory 2795-1 - Several vulnerabilities have been discovered in the lighttpd web server.
97f5377fa5f81c44691c211cbba072e5b63c58f1e78e4fb2f095951a55ecdee1
HP Security Bulletin HPSBHF02939 - Potential security vulnerabilities have been identified with HP Integrated Lights-Out 4 (iLO4). The vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or an unauthorized disclosure of information. Revision 1 of this advisory.
3888291bf876153209249206c85f63b50efba76aa74e3d2a2402421cca1fc42f
LastPass suffers from container PIN and auto-wipe security feature bypass vulnerabilities.
e553b2ef39e91a61d36ce85dd65b50d74e4a10ec344dbac343f09847deddb505
A persistent cross site scripting weakness has been discovered in the guest pass provisioning web interface of the ZoneDirector controller devices. An attacker with access to an authenticated user session with privileges for guest pass generation may cause certain malicious JavaScript code to execute in the user's browser with privileges of the user or the admin. ZoneDirector Controllers versions 9.3.x, 9.4.x, 9.5.x, and 9.6.x are affected.
d9fdcc876fdb2924d1ff1acb39eb8b431d9858e58ba9bb63afddfef5b1a68a58
Bordeaux, Bulteno, Oxygen, Radial, Rayoflight, Reganto, and Rockstar WordPress themes suffer from a remote file upload vulnerability. This archive houses Metasploit modules that exploit these issues.
22d89edcefa40f2e4c5a02d158b4a1dab6cbe9a532bae5bebe50cbf50b186e55
Drupal Misery third party module versions 6.x and 7.x suffer from a denial of service vulnerability.
2dbacaa5074afcac5bea98ac5f26e51b44c1bb2fe470ed14db52df337f08beac
Toshiba e-Studio versions 232, 233, 282, and 283 suffer from a cross site request forgery vulnerability.
813b25171d5d0ee903faa0d349f7ab7458ca3298b27e86eb94edb42fed507bfc
Drupal Groups, Communities and Co third party module version 7.x suffers from an access bypass vulnerability.
5534d53fdaf0ab5ad1c221bbf831f350d4927ba1423383b21c4974e91427dec0
Drupal Revisioning third party module version 7.x suffers from an access bypass vulnerability.
a310c0a00913e9a0020fe05c25ea2ad4190dbaac412bf4800f58506a13bf4c70