The BugCON 2016 call for papers has been announced. BugCON will take place from November 4th through the 5th, 2016 in Mexico City.
34f51cba0a42d5764ddf0403ab50f6a4e3e469d1832c5b7d5038001656d820ba
AccelSite Content Manager version 1.0 suffers from a remote SQL injection vulnerability.
5d7e2e0d2ddc9a4e5bcd0484ae80530e67506ee14b62c67305976d838ddd2d5f
Monsta Box WebFTP suffers from an arbitrary file read vulnerability.
17b16ca800abe893b240e9494d98637b640c281294456b8dcb365bb6eb74581f
HP Security Bulletin HPSBGN03570 1 - A potential vulnerability has been identified in HPE Universal CMDB. The vulnerability could be exploited to allow remote disclosure of information and URL redirection. Revision 1 of this advisory.
cded0beb7c038c4fd2805a428dfa827a51defd9dee0f292b95bd6480ed3e3308
Red Hat Security Advisory 2016-0610-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
5145ad8c00fcfd2b59e1d57411a22febeb7e651b05d88217b455d025ff236f82
Debian Linux Security Advisory 3546-1 - Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed.
210b69d1809ea34e8a405f8283167621310c8d09463d3ddcad623f46f56f28e6
Ubuntu Security Notice 2917-2 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several regressions that could result in search engine settings being lost, the list of search providers appearing empty or the location bar breaking after typing an invalid URL. This update fixes the problem. Various other issues were also addressed.
f36da0e5e9db6c8e433d61406ed2aa35dd8f3f26d8a337c2a2daff062a748a1d
Debian Linux Security Advisory 3545-1 - Several vulnerabilities were discovered in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of these flaws to perform cross-site scripting, header injection or denial of service attacks.
cef76764039e0dc67f7f5789189b07c4250b3fb6df5795f7458602bbcee0e4fd
Debian Linux Security Advisory 3544-1 - Several vulnerabilities were discovered in Django, a high-level Python web development framework.
e938d6dc16c823fc64821adc1c53531026cd4e21074c23113d3177cbd9bba05c
Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability.
3e5d2696bc6839ebf47fb06c0e42e065d3ee82398e3dd4e1241db80224bc448f
WordPress Multiple Meta Box plugin version 1.0 suffers from a remote SQL injection vulnerability.
d3af67c180a38ce1677e54de300a618d00bf7925dc2973a7656f9b4d33f23c4e
Perli version 2.6 suffers from filter bypass and script insertion vulnerabilities.
ae2c77195219e12e19701d2f72726b14661ff8c8b0e4ffcfa7f5263b6f6798ca
Eight Webcom CMS 2016 Q2 suffers from a remote SQL injection vulnerability.
4f9e67bdeab4bbf09fd9f28993a0ba86e6606a8be2b5c80d9764c0525b2ba810
MESS version 0.154-3.1 suffers from a buffer overflow vulnerability.
f2f21c0ad26b1b02471da31ead8ec55d6dc72edcedbf156fcdf8d074e1ef85f9
Quicksilver HQ VoHo Concept4E CMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
e57e7050e8bc228fc7f6f47f84c7274a56e997ed2a9cd2d299d8f2b0a7b33578
JPEGSnoop versions 1.7.3 and below suffer from a dll hijacking vulnerability.
69e0cc0aa0898ecdb50d0df884869ab8b7030ffd6d25abeff6de62e891875908