Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
Debian Linux Security Advisory 3473-1 - Several vulnerabilities were discovered in the resolver in nginx, a small, powerful, scalable web/proxy server, leading to denial of service or, potentially, to arbitrary code execution. These only affect nginx if the "resolver" directive is used in a configuration file.
A.Shop version 3.9.3 suffers from a cross site scripting vulnerability.
SIMOGEO FileManager version 2.3.0 suffers from a remote unauthenticated arbitrary file upload vulnerability.
Serena Business Manager versions prior to 10.01 suffer from a cross site scripting vulnerability.
WinREST point of sale machines suffer from a remote privilege escalation vulnerability.
Adobe Photoshop CC versions 16.1.1 (2015.1.1) and below and Bridge CC versions 6.1.1 and below suffer from multiple memory corruption vulnerabilities. Proof of concept files included.
Ubuntu Security Notice 2893-1 - Jason Pang discovered that service workers intercept responses to plugin network requests made through the browser. An attacker could potentially exploit this to bypass same origin restrictions using the Flash plugin.
Ubuntu Security Notice 2894-1 - It was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. It was discovered that PostgreSQL incorrectly handled certain configuration settings (GUCS) for users of PL/Java. A remote attacker could possibly use this issue to escalate privileges.
WordPress Duplicator plugin versions 1.1.0 and 1.2.0 suffer from a cross site request forgery vulnerability.
This bulletin summary lists two bulletins that have undergone a major revision increment for February, 2016.
Gongwalker API Manager version 1.1 suffers from a remote blind SQL injection vulnerability.
SIMOGEO FileManager version 2.3.0 suffers from a path traversal vulnerability.
Microsoft Windows WebDAV blue screen of death denial of service proof of concept exploit that leverages the vulnerability outlined in MS16-016.
A2SV is an SSL scanning tool that checks to see if a service is vulnerable to Heartbleed, Poodle, and CCS injection vulnerabilities.