Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
c8d1d3b6ce3d2a56577fca224424071afd921739d3859efc8a62229556d4beef
BisonWare BisonFTP Server version 3.5 is prone to an overflow condition. This Metasploit module exploits a buffer overflow vulnerability in said application.
ad92db3f8a0dd8f3d603187873cbcc879f069b52034b56d5481e2bd22b4892dd
EMC Isilon OneFS is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions include EMC Isilon OneFS 7.2.1.0, 7.2.0.0 through 7.2.0.2, 7.1.1.0 through 7.1.1.4, and 7.1.0.x.
e2d777f280c8f4de1b10b38abc67618b8e6a0f1c6a21b29eb62ce8ab802369f6
Slackware Security Advisory - New pcre packages are available for Slackware 14.1 and -current to fix security issues.
6b622a8497108bd0b45667aa432a5e68a79cc42f3e823428ac3c4c7d028c898e
Debian Linux Security Advisory 3403-1 - This update backports changes from the commons-collections 3.2.2 release which disable the deserialisation of the functors classes unless the system property org.apache.commons.collections.enableUnsafeSerialization is set to 'true'. This fixes a vulnerability in unsafe applications deserialising objects from untrusted sources without sanitizing the InstantiateFactory, InstantiateTransformer, InvokerTransformer, PrototypeCloneFactory, PrototypeSerializationFactory and WhileClosure.
adb69be65adb4f0344cb7814e5ad87030f8cc2266e9ab7f0c44f39ba3b02bcb2
Ubuntu Security Notice 2816-1 - Ryan Butterfield discovered that Django incorrectly handled the date template filter. A remote attacker could possibly use this issue to obtain secrets from application settings.
da595e8eace605909d52fec9182fe2ce928c8f4eeb05c274314802dfc91845e8
Ubuntu Security Notice 2817-1 - It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. Andrea Palazzo discovered that IcedTea Web incorrectly determined the origin of unsigned applets. A remote attacker could possibly use this issue to bypass user approval, or to trick the user into approving applet execution. Various other issues were also addressed.
0c95df3ba385830931e81928cf6357437d5124af42b0969aee880229cde673d0
SAP Sybase Adaptive Server Enterprise suffers from an XXE injection vulnerability.
eefc985f29a3508ca13dea522b15ac3c29c4c59a97887c2cc3fc596ee310c5aa