Joomla Guru Pro component suffers from a remote SQL injection vulnerability.
bf9a3d7881c18454ddcb496ee9a0969f23f479df14f5e17d75d2fcaa167cd425Red Hat Security Advisory 2016-1428-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter. This issue was discovered by David Gutierrez .
0b5091211c52d0dbb196bcf103d460df18ea13e04290b1645a58a1735494e94cRed Hat Security Advisory 2016-1429-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter.
0f36afb3eaec29b351e9e6b93d7fb5e04e0a246c5030d2eb0677558718a4c80bRed Hat Security Advisory 2016-1427-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: The Kubernetes API server contains a watch cache that speeds up performance. Due to an input validation error OpenShift Enterprise may return data for other users and projects when queried by a user. An attacker with knowledge of other project names could use this vulnerability to view their information.
609259b677d2d1290bf92ab59f9f7e371ac8218db4e593ac576bbfc0cd33fafdUbuntu Security Notice 3033-1 - Hanno Boeck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Marcin "Icewall" Noga discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
20397b68c196f08762e206ddfee872c463277203d02a0239edab2890f6948681Red Hat Security Advisory 2016-1425-01 - Nginx is a web and proxy server with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a newer upstream version: rh-nginx18-nginx. Security Fix: A NULL pointer dereference flaw was found in the nginx code responsible for saving client request body to a temporary file. A remote attacker could send a specially crafted request that would cause nginx worker process to crash.
9fcd8d112d10abaef25aeda680eb55de09f14a8ddc7a322ba0951f7a1c8d2fc6Joomla Zh GoogleMap component version 8.1.2.0 suffers from a remote blind SQL injection vulnerability.
7b82f572f01aff1c1ec0a6132debe285e04814d92c40e4860cc6ab1c558f7300SAP xMII version 15 suffers from a cross site scripting vulnerability.
5850231991ac99f0ad17f7ed8105673b22741e6d0c9e698a5cc695f008b1af0eSAP NetWeaver Enqueue Server version 7.4 suffers from a denial of service vulnerability.
99a16a30bd31df9bdc036bd0035a07a2d7a2e3eb036b6050b71e1fd2acb89ff1An attacker can trigger an XML Entity Expansion or XML External Entity Injection. This causes the entire machine to become unresponsive until the process is terminated manually. An attacker can use this flaw to perform a denial-of-service (DoS) attack. SAP NetWeaver AS JAVA version 7.4 is affected.
00d680c67dc60d3912397c85f8496bcdaca53ce2cb060a4c8ebe9fc69b59c8a2Irfan View version 4.42 suffers from multiple crash vulnerabilities.
d8b34f2ac98cb14fe582e633c1a7fd986c688540153b7c02ef5cf5d86bfdb7faUbuntu Security Notice 3035-2 - Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O ring buffer to the other nodes. A local attacker could use this to cause a denial of service.
f7652dd208ef24f0a219052437c7c7b07779332917aa7e9a440e0ef65a787d42Ubuntu Security Notice 3035-1 - Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O ring buffer to the other nodes. A local attacker could use this to cause a denial of service.
65ab0ff000143d02fb5fc13e75b5b9e3d9e743eb36f2c7bbe90911535c33e824Ubuntu Security Notice 3034-2 - USN-3034-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O ring buffer to the other nodes. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
628f50c8daf08a5c72f1e31d1cb5432246b54c7d2a0d1d13acb505d93aced5f3Ubuntu Security Notice 3034-1 - Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O ring buffer to the other nodes. A local attacker could use this to cause a denial of service.
f938a923e862875550071342ec8eb3ba012f2edcdcbff37230b39fbe17df7068flux-setup.exe from f.lux suffers from a dll hijacking vulnerability.
5e6f71f21ce3ca0274fc9a2aa2ce79dd16a1ecc670bdff14847d950f1f1c0a98
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed