HP Security Bulletin HPSBMU03321 1 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.
e3bff405a71af31ef6d3e6d551520412a1779cdfbb37dbc4bd403f21f37a019b
WordPress Community Events plugin version 1.3.5 suffers from a remote SQL injection vulnerability.
70c4d2ad7fac8ef6eafa221405685f5b06178fda04b4836ca54fa6d07950996d
Ubuntu Security Notice 2572-1 - It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
244c6d018bed72ec3bf51a251a141d8c6742d2dddff7af1f4fe2c11621debdd0
The WordPress SlideShow Gallery plugin contains an authenticated file upload vulnerability. You can upload arbitrary files to the upload folder. Because the plugin also uses its own file upload mechanism instead of the WordPress API, it's possible to upload any file type.
9a7da5312dab92d7b283154818127736540719c6ad6ac81ce02c41aa922cfeb6
Red Hat Security Advisory 2015-0858-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.
13f8409446168f20911b57e29034f0647d8480c24148b198b89e63ffd80a697a
Red Hat Security Advisory 2015-0857-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
c54689f6ad7f395023088b0e36606b64d46cbcc83638c2801b0f61ddd5f0c4f5
Laravel Framework versions since 4.1 suffer from a PHP object injection vulnerability when encryption is turned off.
77f22e2a8757288c75c6f2b204358f81cc4f63d582e81dad74eced0ce382209a
Red Hat Security Advisory 2015-0856-01 - PostgreSQL is an advanced object-relational database management system. An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.
3d9bd9b652b5dd4ebbb712cc6ff829b52fc7c6607babb3a559a3c929cbd8f5dd
Debian Linux Security Advisory 3230-1 - James P. Turk discovered that the ReST renderer in django-markupfield, a custom Django field for easy use of markup in text fields, didn't disable the ..raw directive, allowing remote attackers to include arbitrary files.
3270e5081886088b7ed8f4115a4706ecb72ef1ab0109663405f9e4dee0cff5b9
Debian Linux Security Advisory 3229-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.
61a31d80e9d7fc0245a18112cf1972442899d6b29454ef63f49e26c112dea75a
Sites designed by MediaSuite.ca appear to suffer from a file disclosure vulnerability. Note that this finding houses site-specific data.
d1c2b8dfa6337ed1c63d44afd525ee484513b4d9af978679cddb553a633fcd34
Free Text-To-Speech version 2.0 suffers from a cross-site scripting vulnerability.
46b05a206f7a1a4cbb0efcc61e5ac4f5fab77e9774ef23670eef275f70851f35
This is a PHP script that uses a pre-defined set of possible passwords and tries them against a given SSH server.
2316d8b598d7c0a482970338c9957ea4a0a7f7e9923cf97c9506f57ab34e463d