WordPress User Role plugin version 1.4.1 suffers from a cross site scripting vulnerability.
fbc8ae9d4bf8b35fec5985f4353e4edf07c7ae595dee0a8d652bd3b7b3b0cab7WordPress Twitter plugin version 2.37 suffers from a cross site scripting vulnerability.
928279a329af3b134b1e61a3720d20a6701b1a7824371624d80d22afc2551f18WordPress Social Essentials Social Stats and Sharing Buttons plugin version 1.3.1 suffers from a cross site scripting vulnerability.
460084134fd285e4afc77e4e3da832e98376bc786e52c0d4c361c08136dc5da4WordPress Sender plugin version 0.7 suffers from a cross site scripting vulnerability.
328affddff458ccfc6f6002b701e619b6f9f873bd8ddfa78261da6bcb5e60763WordPress Sender plugin version 0.7 suffers from a cross site request forgery vulnerability.
156064be38ffd682caffe9856b3a2445a8cbe7b612a946ceb37bfa13e48b09f7WordPress Relevant Related Posts plugin version 1.0.7 suffers from a cross site scripting vulnerability.
e960549a2ae7e545f3ec40eb918aebcfdcfaee6372b6f3061f7113ff2d746f13WordPress Quotes and Tips plugin version 1.19 suffers from a cross site scripting vulnerability.
e5d4afa9ded7997863867d543a78755ed2051f542b899348fe36e1ec76c7b86cWordPress Portfolio plugin version 2.27 suffers from a cross site scripting vulnerability.
982fc87801e174f9c3dfad7f3cf3c36004f35a5a7a86aa86e4952cff1e66bb1eWordPress PDF and Print plugin version 1.7.4 suffers from a cross site scripting vulnerability.
ef613a2e78d1204b8c5e80cf9baac8484964fbe977175e722ddbc96290480135WordPress Limit Attempts plugin version 1.0.3 suffers from a cross site scripting vulnerability.
714d0a168a2db9c5c6a11c7bb2189042233bd0c99c18da676ae4f25a53f65ed9WordPress Limit Attempts plugin version 1.0.3 suffers from a cross site request forgery vulnerability.
6120f9b1557572e16438fa74a688e3ee794dfd8618b2f44a962fc98d75927d11Debian Linux Security Advisory 3425-1 - Cedric Krier discovered a vulnerability in the server-side of Tryton, an application framework written in Python. An authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written.
514f808f0d9e7117f9207a8b5ef1610e417dcbc3ef385ae1b78d2ea6da00647fUbuntu Security Notice 2844-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
b4cd0bc253990e55a6ecc2c204566cda6ed9cd5f6cf7e24e01d7c2684add877fUbuntu Security Notice 2843-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
f479df664dd8312e1d62280d98193f75f0d711e3ff7b1a9290dd88a9b27a19bcUbuntu Security Notice 2842-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
a5afc6600211fee4092359c7676a6587ef99dbb6b0927cfbf42276bdf656c3e8Ubuntu Security Notice 2842-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
f15c2f33f4786bc4f7ee04869838e57eaef6dac30e29cec3994dd7170aca39f8Ubuntu Security Notice 2841-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
aab7b8a18a2eeea06d3bd68e70d7384b8208fa178992a4e636bcea7bb44436e4Ubuntu Security Notice 2841-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
feea045271b1b06eb4f378183ee7bc3c161927c90e23d465be242578c3050baaUbuntu Security Notice 2840-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. Various other issues were also addressed.
80fb709cf813138ac610699be9a980c35f20439568f9d3a1af1dc62faaed2bb6Debian Linux Security Advisory 3337-2 - The patch applied for gdk-pixbuf to fix CVE-2015-4491 in DSA 3337-1 was incomplete. This update corrects that problem.
b54daebcac5e6d9a85f36ecc0dabe2d22fbeed19592e5b625ba4223771e22aa0Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
68f5fec9febf679a1d496c045304b8ee035db3570935ccba7b99aa9d17403c0aDebian Linux Security Advisory 3424-1 - Ivan Zhakov discovered an integer overflow in mod_dav_svn, which allows an attacker with write access to the server to execute arbitrary code or cause a denial of service.
1682a31620689d5a691cab9b675e369012e468beda7a3390bc1e93cb29f05994HP Security Bulletin HPSBHF03528 1 - A potential security vulnerability has been identified in HP Network Products running VCX. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.
7e050832a255f8e7ea1fdf93a0027490415a3a846a1e4198d2381eb2096e3543Debian Linux Security Advisory 3423-1 - Several SQL injection vulnerabilities have been discovered in Cacti, an RRDTool frontend written in PHP. Specially crafted input can be used by an attacker in the rra_id value of the graph.php script to execute arbitrary SQL commands on the database.
c27b03bedc1d4f86e3ff26013e506674b7a595b483450b54fc20acb03aa88410Debian Linux Security Advisory 3421-1 - Hector Marco and Ismael Ripoll, from Cybersecurity UPV Research Group, found an integer underflow vulnerability in Grub2, a popular bootloader. A local attacker can bypass the Grub2 authentication by inserting a crafted input as username or password.
f4156217b5ae9a185551968893e74ac46477b0a78d1291d5790c57d0344da25d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed