The 9th International Conference on Security of Information and Networks (SIN 2016) has announced its call for papers. It will be held July 20th through the 22nd, 2016 at Rutgers University, New Jersey, USA.
d8e42c9b83b138af8d51b4b6b6a4fa26ca59d8933b6f5c1ae0cbfdc2e40694aaDebian Linux Security Advisory 3468-1 - It was discovered that polarssl, a library providing SSL and TLS support, contained two heap-based buffer overflows that could allow a remote attacker to trigger denial of service (via application crash) or arbitrary code execution.
dcc369e025a899d9f680a33b7cb580eeba1d22d47e4ba4c3e31d5f5e05b916f8Debian Linux Security Advisory 3467-1 - Several vulnerabilities have been found in tiff, a Tag Image File Format library. Multiple out-of-bounds read and write flaws could cause an application using the tiff library to crash.
4de1e5f03eb73d9cbdb113608e7480a8d2ed60513f8818ee85c0d92ed5f3ef28HP Security Bulletin HPSBGN03430 3 - A potential security vulnerability has been identified with ArcSight Management Center, ArcSight Connector Appliance, ArcSight Logger, and ArcSight SmartConnectors. The vulnerability could be exploited locally to allow elevation of privilege. Note: The following products are not vulnerable if installed as a non-root user: ArcSight Management Center, ArcSight Connector Appliance, ArcSight Logger, and ArcSight SmartConnectors. Revision 3 of this advisory.
d7215ebcf539ffb9d1d26047055f4347fa2c8b28d8000805204f6fc6ab162380HP Security Bulletin HPSBGN03434 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HP Continuous Delivery Automation. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
7e654d5a1eb622679ffbb71b8a9e1bc9ac44c4d4aadffd7c946a269d5f4c01c9Red Hat Security Advisory 2016-0126-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.
505fd7e0368ad3cb93c5143c2551b37098b2ff34b10a0fbcf99104dd304b176cHP Security Bulletin HPSBHF03431 2 - Potential security vulnerabilities have been identified with HPE Network Switches. The vulnerabilities could be exploited locally to allow bypass of security restrictions, and indirect vulnerabilities. Note: Versions 15.16.xxxx and 15.17.xxxx were incorrectly identified as vulnerable, the only affected versions are KB.15.18.0006 & KB.15.18.0007. Revision 2 of this advisory.
79923e59e05af2bc3f8e62b642a330a30b72e6adaaa6ad4befab8db3b9ea92beOpen Real Estate version 1.15.1 suffers from weak password hashing, cross site scripting, and remote SQL injection vulnerabilities.
5056163ea8c485c04c1bc20b6a2ada1433509338178bc12d85a7d117dcaa4188Charts 4 PHP version 1.2.3 suffers from a cross site scripting vulnerability.
9f52771a595d4f701fedd8c6ec11273b06d58e6e9c1035201c77176077d21fddWordPress Booking Calendar Contact Form plugin versions 1.0.23 and below suffer from a remote shortcode blind SQL injection vulnerability.
5fdf0d12745eb82122b684978ff9da6bac77512d66850264e4f39fc6976659e2WordPress Booking Calendar Contact Form plugin versions 1.0.23 and below suffer from a remote blind SQL injection vulnerability.
2c080314815d4e1cf1599a8ace07706654eb3a1b321b31a066141c15d3ce6fecOracle Java versions 6, 7, and 8, and Virtualbox are all susceptible to DLL hijacking vulnerabilities.
82cdf68a4ca2c9094941a6fbd4d3d80cb776cfafd02cc545e68be9d176f37321WinRAR versions 5.30 and below suffer from a DLL hijacking vulnerability.
26acb815e8abef59d0551c80639141cfcdbaaa4240e042546d4ad73062179ac6Getdpd suffers from a malicious script insertion vulnerability.
0ffa66db827bd68f372c957dc8ff85afd39f24098978fa122f2458b43d077a56WordPress Booking Calendar Contact Form plugin versions 1.0.23 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
d37af5a71fee96889b46f17bc669c474a3edc49eef29a361d9f2f3e73f19dd78Alsovalue CMS from 2016Q1 suffers from a remote SQL injection vulnerability.
021180a721e0aa556829c9492fc4672f98db19463d73a424e3d4545d1f4f2057
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed