Feed aggregator

Vuln: Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-1741 Integer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-3157 Heap Based Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information

BugTraq Latest Security Advisories - July 23, 2014 - 9:19am

Posted by security-alert on Jul 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04374202

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04374202
Version: 1

HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code,
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...

SQL Injection in Е2

BugTraq Latest Security Advisories - July 23, 2014 - 9:09am

Posted by High-Tech Bridge Security Research on Jul 23

Advisory ID: HTB23222
Product: Е2
Vendor: Ilya Birman
Vulnerable Version(s): v2844 and probably prior
Tested Version: v2844
Advisory Publication: July 2, 2014 [without technical details]
Vendor Notification: July 2, 2014
Vendor Patch: July 3, 2014
Public Disclosure: July 23, 2014
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2014-4736
Risk Level: High
CVSSv2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Solution Status:...

[oCERT-2014-005] LPAR2RRD input sanitization errors

BugTraq Latest Security Advisories - July 23, 2014 - 8:59am

Posted by Daniele Bianco on Jul 23

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanitization on the parameters passed to the application
web gui leads to arbitrary command injection on the LPAR2RRD application
server....