The Microsoft Windows kernel suffers from a use-after-free vulnerability in BGetRealizedBrush.
9748fca6fbb5ef34f232cdeeda20cce0f47e4feea1fa4c9a9f7b321d183c13cb
iTop version 2.1.0-2127 suffers from a cross-site scripting vulnerability.
f4b6534491d5293f2fea76c29c6b8aadee6b449a909842e6180df88d6e311a00
Open-Xchange Server 6 version 6.22.9 and AppSuite versions 7.6.2 and below suffer from a cross-site scripting vulnerability.
c9c4d8ccdad8eb8bf72cebfe60896e103804e4d5ce9efd53ba50b89a83af98c9
This Metasploit module allows remote command execution on the w3tw0rk / Pitbul IRC Bot.
a66d2214cda0b74148ccafd0385d0e911312b00a6a8e83f79d778d3df8c97ac7
Guard versions 2.0.0-rev7 and below suffer from a remote SQL injection vulnerability.
3c809640481eb4fdb7281fa918f2ac3bef55825d59b63af8b4673e6934d06de1
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.
ebc5258643f93251773ac8fc97ebdb8aac0a82b9421ca55faf925ae4415070e9
Ubuntu Security Notice 2743-2 - USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
986b83654da1e91607d0d1a9f51b803b6779ff1380d7d14bd5db7bbf5cc5c08b
The Microsoft Windows kernel suffers from a FlashWindowEx related memory corruption vulnerability.
aa59811bd905801dec0d9cc27fe51730ae27b8776b206fdd60d6a08739d77ef3
Ubuntu Security Notice 2743-1 - Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
8d33a81f77c730f95dd16f3bab40f85d87cd0c537040f9d23f930b588ce628df
Onapsis Security Advisory - SAP Business Objects suffers from a memory corruption vulnerability. By exploiting this vulnerability an unauthenticated attacker could read or write any business-relevant information from the Business Intelligence Platform and also render the system unavailable to other users.
38f5d4c8882c9a29b1c46ec18ce9b8b283de108c7ffe457c455f9e65e781276c
HP Security Bulletin HPSBGN03391 1 - A potential security vulnerability has been identified with HP Universal CMDB Foundation, HP Universal Discovery, HP Universal CMDB Configuration Manager, and HP Universal CMDB Browser. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
2bf9e9c2b9e092721af653a4f13005c47bad6c8605a730281997473046c6220b
HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
f0f4a425f26cfc537edf32966bbe5b3a92ba5abc570439e968df19dcaebde252
Red Hat Security Advisory 2015-1814-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-23 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
04645ca6049eed8e86e1550e5b314b7363f20c40256c27ff7eeadf40c1b033a8
Debian Linux Security Advisory 3364-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.
8bf9da5be4e19bd80a46b0d6dca4e33f958d1700f95fd2553a38de299594cc34
Red Hat Security Advisory 2015-1834-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
fbc7cfc2cae262eb85335aecf1f1df1702139190a5fa7f1496fa9aa39509c7aa
Red Hat Security Advisory 2015-1833-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
1b9f9de6a561d36e27be6a6d8acd7ecf6adbb0c10073d9c0d28688c297cba284
The Microsoft Windows kernel suffers from a use-after-free vulnerability related to DeferWindowPos.
9efdbf279fadc7781fc05c4c484e7fa55163ee3b825c2a7de5f5e364ae5d2187
Cisco AnyConnect Secure Mobility Client for Windows is affected by a vulnerability that allows local attackers to execute arbitrary DLL files with elevated privileges. By exploiting this vulnerability, it is possible for the attacker to gain SYSTEM privileges.
6e297eee712fe356db2c53d7b036bfdab4084dfcf2f39784ebf1a1798f5494f2
Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.
ccf0eca33cb503b5c3c04d4ead32b3c49028a654e96b844df2574eb5e76f49aa
OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.
c4c0f4887f90a7b044ece2c30e99c3551cdccd98d07ef1bb542fc7bca4fc060e
The Microsoft Windows kernel suffers from a use-after-free vulnerability in printer device contexts.
a07b9af66e76968a00a50316dfce34128aec9040ef04506e03d9536f8f6a3dfe
The Microsoft Windows kernel suffers from a use-after-free vulnerability in the cursor object.
95d27966a74a174f8e04f20a3a1138c7d875365b2e9461676084a3fa4f84f1a6
OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.
5ad1dbca55084a0bde0fa1fbe2614f5806fada2f7a3afbc24bc91426dba68011
The Microsoft Windows kernel suffers from a pool buffer overflow in NtGdiStretchBlt.
cec5a4d82cefd5f7408a48e23c6eaff40a66ebae181a5611b5534e09b970f5cc