Alienvault OSSIM/USM versions 4.14, 4.15, and 5.0 suffer from cross site scripting, remote command execution, and remote SQL injection vulnerabilities.
05fedd0172a711f1b3ebccf206431da754dbc59c1c66baabdd88b6a813ba1830
High-Tech Bridge Security Research Lab discovered a security vulnerability in the eShop WordPress Plugin, which can be exploited by remote attackers to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of user-supplied input in the "eshopcart" HTTP cookie. Successful exploitation of this vulnerability may potentially result in arbitrary PHP code execution.
b646ba90f83bf6fbf8ded5692dab800ca1dad5f780ce50ab36b9848e60d3f6b3
The F5 ASM is a web application firewall designed to protect web applications from attacks. Due to the way that the system processes JSON content, it's possible to bypass the ASM using a crafted request to a URL that processes both JSON and regular URL encoded requests. Versions 11.4.0 and 11.4.1 are confirmed vulnerable.
e6abe385fd18e2857c231bede6a8524e4d82cb8ad1197e2ab340759994fa7bad
BIG-IQ version 0.0.7028 appears to disclose user passwords that are encrypted via an insecure direct object reference vulnerability and allows for user enumeration.
618c281cd293dfb71e842366efeeddc1f0dae18a8875e74149d2084d9cb32a1e
Red Hat Security Advisory 2015-0938-01 - OpenStack Image Service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. Multiple flaws were found in the glance task API that could cause untracked image data to be left in the back end. A malicious user could use these flaws to deliberately accumulate untracked image data, and cause a denial of service via resource exhaustion.
8a77633d2a9686392c1ed9f581eaf3034f9af7f313fa11debbbc9aa4392cf265
Ubuntu Security Notice 2597-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
d0d7003df0fa18a33c041a905a2eb7307545321e7ce264bdbf46257709a12e9f
Ubuntu Security Notice 2598-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
e41f6861fc4c07d2bad2dfcf84d484a9a576146c997ba65cbe9ee9c9acd1e098
Ubuntu Security Notice 2599-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
6e56b2dfa07edb41e3e53ee72342001afc9de03ee9f8ff0f76eabcd893419061
Ubuntu Security Notice 2600-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
d731cce6bc09a061bbadd1c28873361734801228cf24f5a6bb1a21c5e6f15c72
Ubuntu Security Notice 2596-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
37299381b0e088a96de6a9d501af846fd4675f99e223f4ff472b3d021bdfcfce
Ubuntu Security Notice 2601-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
4ff1b0a01f949177c8dc9a413b02118d7bb0c37bb6667b10b5966fe2847e0ffc
Mandriva Linux Security Advisory 2015-230 - Squid configured with client-first SSL-bump does not correctly validate X509 server certificate domain / hostname fields.
c14ef8d66d6ecdb79a742a0b4b5f418c690959ebf030b5cf3dcf631856a76361
Mandriva Linux Security Advisory 2015-229 - It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code.
b95ad09280de8c60ea8404a7c7fd41ee72aad044ca4c4cd46cdf6f916c05b0eb
Mandriva Linux Security Advisory 2015-228 - It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges. The libuv library is bundled with nodejs, and a fixed version of libuv is included with nodejs as of version 0.10.37. The nodejs package has been updated to version 0.10.38 to fix this issue, as well as several other bugs.
9493e9bfb065d44360ce1b5e261bc87ab3e33d151d072f83b0fd746027a63318
When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the size of request body that Tomcat would swallow. This permitted a limited denial of service as Tomcat would never close the connection and a processing thread would remain allocated to the connection. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.8, 7.0.0 to 7.0.54, and 6.0.0 to 6.0.43.
1ad1eefef30402ac2fe3a0012efc3d875f14db6ddf39ce0f35dd36949d4a85ea