Drupal Spambot third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
f84f532463d0b8643fbc98fe57fc3395510fbc44b83cd93c48570005303b3a3bDrupal Fonecta Verify third party module version 7.x suffers from a cross site scripting vulnerability.
890ee983973b3f69264a683fa3b95828d971fce328f9f04ef22cff054a013487Drupal PRH Search third party module version 7.x suffers from a cross site scripting vulnerability.
d67d25edf22e48dbf40d639e717df894c1ed5203740d1f40e8b65f85bb30d788Secunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
3c42192388d2d4ededa8c23044ccb36a92f905a5ea67f64e112aad1e42550185Secunia Security Advisory - Janek Vind has discovered a weakness and two vulnerabilities in TorrentTrader, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to enumerate user names and bypass certain security restrictions.
9bfa31484d84cba15234a6cb9b12e9629f9f9cdc0c75727c694811b1968de20bSecunia Security Advisory - Ubuntu has issued an update for gnupg and gnupg2. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
8140329f487b7696f0f5569283613bb46aa85c5412453cc9b52a68978f1a5f2cSecunia Security Advisory - SUSE has issued an update for otrs. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.
8d8bfb689b44a7ed10c4803e0ce09a9cca99f0864eb533ae9a7a01ea6fc564b7Secunia Security Advisory - Red Hat has issued an update for libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
3a78ef38e0a74168b278e5c98c0b0c9f481cfb65558dbdabd054edb1c946d2cdSecunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
e1edaf714ba67afb3621c27d88cf8dcf28836db8d9df11be32a3c635c77f294aSecunia Security Advisory - Red Hat has issued an update for java-1.7.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
0b76220f9e042e2712bb3ee40065e43084a79f6a8fdf762c6b18c3d5539340cePoweradmin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
2529bb25ffa9a2a714a565fd39969f436f9d2495ffbc917168c7c28ad31c68b1SMF version 2.0.2 suffers from a local file inclusion vulnerability.
e46bc61338dc15e6122699dcdfbedf7e6c537bef58c05f33335fd7a8b4b54f4cFreeSWITCH version 1.2.0-rc2 suffers from a denial of service vulnerability.
5aa756caf40ef687260ff76387d86ad6f41ff530da51e45d006f9deaed2ab709Cyber WebCreations suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
7a7c07e55755ac4461651abc24f81600c6fda74225f1cba7c891dbf9d0b9b540Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
a15a2bb9200ac9f2c6f1c5e1072ac265a2c4fe5a9be4663b47d076afdfa123f8Technical Cyber Security Alert 2012-262A - An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 7, 8, and 9 is being exploited in the wild. Microsoft has released Security Advisory 2757760 with mitigation techniques.
aaddacb76fec3394a2d249d1d05dbfa6e9db436632983d807730431ef804fe14Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
0d0c778d4697d5c5bd4f732ca179c22e8e359c634617ca9b6665e33d1863622aUbuntu Security Notice 1571-1 - Glen Eustace discovered that the DHCP server incorrectly handled IPv6 expiration times. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. This issue only affected Ubuntu 11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by using environment variables. This update mitigates the issue by sanitizing certain variables in the DHCP shell scripts. Various other issues were also addressed.
c4c7c28d14b2657f49ee99fc2da433cca3b1afc7e4b47a3a94a66f4de5caf944Ubuntu Security Notice 1573-1 - Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.
d804cb2cccde9e37f50b7012bbe098ccdb5cd794bdcce6827b4e73cd551562c2Ubuntu Security Notice 1572-1 - Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.
8e54b0b63658ff46884504f29b08f97a2c0b44d85dce290671deefab14430f46Red Hat Security Advisory 2012-1289-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
657644f7487d43a6a320e6729072c650693e5a423f6a77714f52c2375cbe2a88Red Hat Security Advisory 2012-1288-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
e52f1b1cd88cdf7b50791d1283d7b0ac4e42fae0d3311c3b115ce75ab90bd4deDebian Linux Security Advisory 2550-1 - Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, allowing privilege escalation in the Asterisk Manager, denial of service or privilege escalation.
0698ea1591368544fbc9b217c600f16c59b3a68703988ddf1eb9742697d1d389Secunia Security Advisory - SUSE has has issued an update for kvm. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges and by malicious, local users to perform certain actions with escalated privileges.
66932258a6c2b76a3d44dfdd058af4a62109debd7e505d9b6b7aa8d8b6004c0fSecunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
c7fa610ef355b1b42ceb634b20ecbba9baf9ac89bc6989a059e60d90e31a4130
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed