WordPress User Role plugin version 1.4.1 suffers from a cross site scripting vulnerability.
fbc8ae9d4bf8b35fec5985f4353e4edf07c7ae595dee0a8d652bd3b7b3b0cab7
WordPress Twitter plugin version 2.37 suffers from a cross site scripting vulnerability.
928279a329af3b134b1e61a3720d20a6701b1a7824371624d80d22afc2551f18
WordPress Social Essentials Social Stats and Sharing Buttons plugin version 1.3.1 suffers from a cross site scripting vulnerability.
460084134fd285e4afc77e4e3da832e98376bc786e52c0d4c361c08136dc5da4
WordPress Sender plugin version 0.7 suffers from a cross site scripting vulnerability.
328affddff458ccfc6f6002b701e619b6f9f873bd8ddfa78261da6bcb5e60763
WordPress Sender plugin version 0.7 suffers from a cross site request forgery vulnerability.
156064be38ffd682caffe9856b3a2445a8cbe7b612a946ceb37bfa13e48b09f7
WordPress Relevant Related Posts plugin version 1.0.7 suffers from a cross site scripting vulnerability.
e960549a2ae7e545f3ec40eb918aebcfdcfaee6372b6f3061f7113ff2d746f13
WordPress Quotes and Tips plugin version 1.19 suffers from a cross site scripting vulnerability.
e5d4afa9ded7997863867d543a78755ed2051f542b899348fe36e1ec76c7b86c
WordPress Portfolio plugin version 2.27 suffers from a cross site scripting vulnerability.
982fc87801e174f9c3dfad7f3cf3c36004f35a5a7a86aa86e4952cff1e66bb1e
WordPress PDF and Print plugin version 1.7.4 suffers from a cross site scripting vulnerability.
ef613a2e78d1204b8c5e80cf9baac8484964fbe977175e722ddbc96290480135
WordPress Limit Attempts plugin version 1.0.3 suffers from a cross site scripting vulnerability.
714d0a168a2db9c5c6a11c7bb2189042233bd0c99c18da676ae4f25a53f65ed9
WordPress Limit Attempts plugin version 1.0.3 suffers from a cross site request forgery vulnerability.
6120f9b1557572e16438fa74a688e3ee794dfd8618b2f44a962fc98d75927d11
Debian Linux Security Advisory 3425-1 - Cedric Krier discovered a vulnerability in the server-side of Tryton, an application framework written in Python. An authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written.
514f808f0d9e7117f9207a8b5ef1610e417dcbc3ef385ae1b78d2ea6da00647f
Ubuntu Security Notice 2844-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
b4cd0bc253990e55a6ecc2c204566cda6ed9cd5f6cf7e24e01d7c2684add877f
Ubuntu Security Notice 2843-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
f479df664dd8312e1d62280d98193f75f0d711e3ff7b1a9290dd88a9b27a19bc
Ubuntu Security Notice 2842-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
a5afc6600211fee4092359c7676a6587ef99dbb6b0927cfbf42276bdf656c3e8
Ubuntu Security Notice 2842-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
f15c2f33f4786bc4f7ee04869838e57eaef6dac30e29cec3994dd7170aca39f8
Ubuntu Security Notice 2841-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
aab7b8a18a2eeea06d3bd68e70d7384b8208fa178992a4e636bcea7bb44436e4
Ubuntu Security Notice 2841-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.
feea045271b1b06eb4f378183ee7bc3c161927c90e23d465be242578c3050baa
Ubuntu Security Notice 2840-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. Various other issues were also addressed.
80fb709cf813138ac610699be9a980c35f20439568f9d3a1af1dc62faaed2bb6
Debian Linux Security Advisory 3337-2 - The patch applied for gdk-pixbuf to fix CVE-2015-4491 in DSA 3337-1 was incomplete. This update corrects that problem.
b54daebcac5e6d9a85f36ecc0dabe2d22fbeed19592e5b625ba4223771e22aa0
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
68f5fec9febf679a1d496c045304b8ee035db3570935ccba7b99aa9d17403c0a
Debian Linux Security Advisory 3424-1 - Ivan Zhakov discovered an integer overflow in mod_dav_svn, which allows an attacker with write access to the server to execute arbitrary code or cause a denial of service.
1682a31620689d5a691cab9b675e369012e468beda7a3390bc1e93cb29f05994
HP Security Bulletin HPSBHF03528 1 - A potential security vulnerability has been identified in HP Network Products running VCX. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.
7e050832a255f8e7ea1fdf93a0027490415a3a846a1e4198d2381eb2096e3543
Debian Linux Security Advisory 3423-1 - Several SQL injection vulnerabilities have been discovered in Cacti, an RRDTool frontend written in PHP. Specially crafted input can be used by an attacker in the rra_id value of the graph.php script to execute arbitrary SQL commands on the database.
c27b03bedc1d4f86e3ff26013e506674b7a595b483450b54fc20acb03aa88410
Debian Linux Security Advisory 3421-1 - Hector Marco and Ismael Ripoll, from Cybersecurity UPV Research Group, found an integer underflow vulnerability in Grub2, a popular bootloader. A local attacker can bypass the Grub2 authentication by inserting a crafted input as username or password.
f4156217b5ae9a185551968893e74ac46477b0a78d1291d5790c57d0344da25d