RSA Data Loss Prevention 9.6.SP2 P5 contains fixes for multiple security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include information disclosure, cross-site scripting, and clickjacking issues.
ee5519615a38ebb9db6380edf7f10a484254241087366a45ae65f1a55b2fa1a4
WordPress Advanced Custom Fields plugin version 4.4.7 suffers from a cross-site scripting vulnerability.
f7231aa5c88f5877440775085bf171e757e66fc77d0334fe6f65b579d97c1855
HP Security Bulletin HPSBGN03547 3 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 3 of this advisory.
3a3a7da261ca85e7feb593ac3b1137b0a8baf5a5661d975d9cd76acfc0ff825f
Ubuntu Security Notice 2936-2 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. Various other issues were also addressed.
157ccf1b44c12024cd9523ac2451dbf44f6e81c11cb7e3ab919c1c48794a67bf
Gentoo Linux Security Advisory 201605-1 - Git contains multiple vulnerabilities that allow for the remote execution of arbitrary code. Versions less than 2.7.3-r1 are affected.
cd303c2ea2bf11e1988f430bda5e50280583516e62632b2c5342af18603cccc8
Ubuntu Security Notice 2957-2 - USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Various other issues were also addressed.
c33eee1719d4d2b6b1e4d7568f56ee34ddadfeeda6aa155fa8494cd00e22fd1c
Ubuntu Security Notice 2957-1 - Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service.
4dd7a3a4941da644fe4723952615b99d9271dfd39e6b14dcdd6384b01fe51673
Ubuntu Security Notice 2958-1 - It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. It was discovered that poppler incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Various other issues were also addressed.
43e08913187cf8f3d9ef94c0abe6a6f0d81775e0a9417d19c6e2b22901da9b2c
Debian Linux Security Advisory 3565-1 - Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.
d27e740622656c8ad3c7ce6dc7d5c1a9451a45192b16b054ee68a3a9c3718b63
Debian Linux Security Advisory 3564-1 - Several vulnerabilities have been discovered in the chromium web browser.
6c88c4c3d89d90a8a443ae77f3264240e8a136f34c3373f329c5f155d54cffcb
Red Hat Security Advisory 2016-0708-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP25. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1f1e565de83c79dd0d44cfbaff2b9b6777159a5636ed0b0b3113c7c606fc423a
Red Hat Security Advisory 2016-0706-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository.
8d3ab188c8050ef61e4d414ae4a3622d517e9e409cfb8acea2df904721d13de6
Red Hat Security Advisory 2016-0705-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.
61bf38b1cf0792be6db016a78a5d72159db8ff94854a70c0e551f3a548ebe5cf
Red Hat Security Advisory 2016-0707-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.94. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
b435bb07cff65239707748bd4ce79122e8ca22633b90ded5706e2dc57a65ad86
Debian Linux Security Advisory 3563-1 - It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.
5cb24620c7c7cbb79be59b28d87ce8d283b75bbc04576991a97d456aa9ad20de
Red Hat Security Advisory 2016-0704-01 - In accordance with the Red Hat Storage Support Life Cycle policy, the Red Hat Ceph Storage 1.2 offering will be retired as of May 31, 2016, and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including Critical impact security patches or urgent priority bug fixes, after this date.
b4e887d73ab71f82bb93a5d791dabdb92acb8e09865fc54e68b0ee8384ba2a2c
Debian Linux Security Advisory 3562-1 - Several vulnerabilities were discovered in tardiff, a tarball comparison tool.
306fe98ee2aa902b2d646bdb1b17d3da65dad3d3946ef5bf60eb09601f001e6b
Slackware Security Advisory - New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
384ed0f0e1971c9917b9b019f463d5f21891e2feea3e327669254736a355f117
Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
03680f1ef8d2175746213fd3947abf96e71e71cbed3020b9b5b7aef5f1626470
Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
e423f753b93a8a51d515e0f972ee0096cb985df0c115ffa84e4a1ae57df37052
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs, trying to induce a fault.
a5e74466bf5d7a40e44822cdd15c9e5cc024ccc34fa74f8f76dac9b988c0409f
Acunetix WVS 10 remote command execution exploit that gains SYSTEM privileges.
3e317ba78571cb5a7ade2233913a96c8fc2d129ef22f7d72a39601d107cf8aad
Local privilege escalation exploit for Qualcomm's Secure Execution Environment (QSEE) that leverages PRDiag* commands.
5b72bda07562bc29d06783e77f7af87f375f1b00dbff74e3b5d146090d024e10
WordPress Export to Ghost suffers from an unrestricted export download vulnerability.
7db2aec84014d689f596f4bcff5e31b0d437300c1641b1ccfa172a49cb99661c
VBScan is a black box vBulletin vulnerability scanner written in Perl.
c12e918da14aa71629c893643a7bac1ab6f469fdb72a868b4f2e8689e00a88fb