Cisco Security Advisory - A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command via a specific URL. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released free software updates that address this vulnerability. A software patch that addresses this vulnerability in all affected versions is also available. Workarounds that mitigate this vulnerability are not available.
2085552f3da2a1de4ba3036cf8124df7234b01446b9bb08ae5f19907c7e9ae85HP Security Bulletin HPSBST02955 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 1 of this advisory.
7a0da1c21ab0ea1ff0e437cda710d643179e7469a520d96d54e7b1e4ad034845Drupal Mime Mail third party module version 6.x and 7.x suffer from an access bypass vulnerability.
bcf2575491826b0710730dc39d915d6af8fe276f8edf30d29d0e119fe33af483HP Security Bulletin HPSBPI02869 SSRT100936 3 - A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 3 of this advisory.
4c59ce6eebc678501a609d6ecc4489c93d0aac9371b86e05604dad9152f1ca81Drupal Content Locking third party module versions 6.x and 7.x suffer from a cross site request forgery vulnerability.
16cd79d67b6d805f59cc01b989a8be123d70328cbc9af0cc97a00012b4b6168dApple Security Advisory 2014-02-25-3 - QuickTime 7.7.5 is now available and addresses multiple security issues related to denial of service and arbitrary code execution.
d19d51684f4d799bc85e0de254dedd61e3c5f79f8604e717e35213ae98ea6da9Apple Security Advisory 2014-02-25-2 - Safari 6.1.2 and Safari 7.0.2 is now available and addresses an issue where visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
5f115e3656944c57ae6ad7a470d49b01ef3a6dc1308fcc4e1edf5fa848043874Apple Security Advisory 2014-02-25-1 - OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues including the recent SSL vulnerability.
1d8f727073c1ea1d6289c8c7fa93c5237ad978b58d6ca700d78a6f12ea0f3b83Barracuda Web Firewall version 6.1.0.016 suffers from a persistent script insertion vulnerability.
fa8731752b65dbe18c0a5dcb5bf6a32f993c8ace5f0907cd6d1366c6fc2cce5dHP Security Bulletin HPSBMU02966 - A potential security vulnerability has been identified with HP Operations Orchestration. The vulnerability could be exploited to gain unauthorized access to information. Revision 1 of this advisory.
32d365b078cb65bcb4beceeac0ade27c68c83a77127c990b36aeb5f30104c0baUbuntu Security Notice 2122-1 - It was discovered that FreeRADIUS incorrectly handled unix authentication. A remote user could successfully authenticate with an expired password. Pierre Carrier discovered that FreeRADIUS incorrectly handled rlm_pap hash processing. An authenticated user could use this issue to cause FreeRADIUS to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. Various other issues were also addressed.
0a995469005a5d9cd6cf4dd533400746453f53f7672a93339e2f298e285126efUbuntu Security Notice 2123-1 - It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Bernd Melchers discovered that file incorrectly handled indirect offset values. An attacker could use this issue to cause file to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.
c15cd48bc8b2799f13c365755252a2482623291ddeebb7c5be3f90af4ec34e10Gentoo Linux Security Advisory 201402-27 - A vulnerability in pidgin-knotify might allow remote attackers to execute arbitrary code. Versions 0.2.1 and below are affected.
bd35a01c12edbb39efb00665101fb5625886d7cf8e22e46d5468af7c2c2f6b98Piwigo version 2.6.1 suffers from a cross site request forgery vulnerability.
9fa115551f322ba1a0b022b4e18de7ff9a95a261a5eb3f402337f5cf4f4d20a2CosmoShop ePRO version 10.17.00 suffers from an authentication bypass vulnerability.
9ca82553e2a91b39a4615aa811e754f8bc091c8b5bfe3f6def05090e26d88f4cWordPress Alpine PhotoTile for Instagram version 1.2.6.5 suffers from a cross site scripting vulnerability.
fb0e7ff33564e1c67c0ba31392952aafa3ffd8c78f14845e2a0d34d6165e9147WordPress PrintFriendly plugin version 3.3.7 suffers from a cross site scripting vulnerability.
0597b3f3efd8178b04551532352cc9d00f93f12822c84d0ab5fd356b6533aa61Drupal Project Issue File Review third party module version 6.x suffers from a cross site scripting vulnerability.
e28a6cbac52ea9062d475561ecd582132a19356c74b977a8f2c3c14fd96983e8WordPress mp3-jplayer plugin version 1.8.7 suffers from a cross site scripting vulnerability.
91b07fd21c45f1692daef0821fa7179eaedefe8e444588acf5a7ee01b5f84792WordPress BSK PDF Manager plugin version 1.3 suffers from a cross site scripting vulnerability.
5c5300181fb7e63a9409940bf6f5c2ca5a0fba53380dad56c2750875d79e9315Drupal Open Omega third party theme version 7.x suffers from an access bypass vulnerability.
3ffbc3e066436f401887a605bc6972b7273f85ee4b6ffcd592b9a0d7aa384779WordPress VideoWhisper Live Streaming plugin version 4.29.6 suffers from a cross site scripting vulnerability.
f31d3cbdaf63234b21c5fb7834cf22badf88ed91b40256060480d17b14fee27fWordPress Widget Control Powered by Everyblock plugin version 1.0.1 suffers from a cross site scripting vulnerability.
ba19ab112ca4f59177f954fde29f8db27ebda68e9b8957708911bfc40b9ad510GoAhead Web Server versions prior to 3.1.3 suffer from a denial of service vulnerability.
62316905684cbb42f570b049e4d87177417005d271d14da5f3b675df0a3f533aWordPress Post to PDF plugin version 2.3.1 suffers from a cross site scripting vulnerability.
dfe32028cb2dfb453144c718be3ef8f11ff9595e5a6081f52cc999718970b5fc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed