Red Hat Security Advisory 2016-0204-01 - The 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. An infinite-loop vulnerability was discovered in the 389 directory server, where the server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and stop accepting connections.
2a86633d21c9f33c3279907025113c7c3e7450a3cf982222fb1a853bf8300c23Debian Linux Security Advisory 3478-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt11 library could be leaked via a side-channel attack.
261750c746fe589baf3fabde57e9825cb9d6cc220c4d09d214ff68a6bd5eda72Debian Linux Security Advisory 3479-1 - Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.
d0e73d830bd0e10c507af71634a239a6ec899c968bbef3b77e0a766de4cc3467Red Hat Security Advisory 2016-0197-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. All Firefox users should upgrade to these updated packages, which contain Firefox version 38.6.1 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
936e217edeec064168d70fd655575a6acf9b4b927ff160b116e6463eddbf5ad3Windows kerberos security feature bypass exploit that leverages the vulnerability discussed in MS16-014.
cb587de0354495ec9c43859457e5b08438fd6f10d2200b2ac110e32a4472868adesk.com suffered from a cross site scripting vulnerability.
83da654ba2270bdcaa874faf02dd440d2b174258e4150dc3044474030cfef161Google Sites suffered from a persistent cross site scripting vulnerability.
a332b8cf268a1bd3d0465bc273b2614e26594ebf01b9bf3543a5c22e14b22646WordPress ALO EasyMail Newsletter plugin version 2.6.01 suffers from a cross site request forgery vulnerability.
d15b9b2cb283f5a668f6d8874e3826bf24cc65844b2d86d0e86e20c068dab600
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed