Feed aggregator
Vuln: CIS Manager 'TroncoID' Parameter SQL Injection Vulnerability
CIS Manager 'TroncoID' Parameter SQL Injection Vulnerability
Vuln: Fortinet FortiADC 'locale' Parameter Cross Site Scripting Vulnerability
Fortinet FortiADC 'locale' Parameter Cross Site Scripting Vulnerability
Vuln: JBIG-KIT LibJbig Image File Handling CVE-2013-6369 Remote Buffer Overflow Vulnerability
JBIG-KIT LibJbig Image File Handling CVE-2013-6369 Remote Buffer Overflow Vulnerability
next-20140414: linux-next
Version:next-20140414 (linux-next)
Released:2014-04-14
3.15-rc1: mainline
Version:3.15-rc1 (mainline)
Released:2014-04-13
Source:linux-3.15-rc1.tar.xz
PGP Signature:linux-3.15-rc1.tar.sign
Patch:patch-3.15-rc1.xz
ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability
Posted by Security Alert on Apr 11
ESA-2014-026: EMC Documentum Content Server Information Disclosure VulnerabilityEMC Identifier: ESA-2014-026
CVE Identifier: CVE-2014-0642
Severity Rating: CVSS v2 Base Score: 4 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Affected products:
All EMC Documentum Content Server versions of 7.1
All EMC Documentum Content Server versions of 7.0
All EMC Documentum Content Server versions of 6.7 SP2
All EMC Documentum Content...
ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Up date for BEAST (Browser Exploit Against SSL/TLS) attacks
Posted by Security Alert on Apr 11
ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacksEMC Identifier: ESA-2012-032
CVE Identifier: CVE-2011-3389
Severity Rating: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Affected Products:
All versions of RSA BSAFE Micro Edition Suite (MES) except 4.0.5 and 3.2.6, all platforms
Unaffected Products:
RSA BSAFE MES 4.0.5, 3.2.6
Summary:
RSA BSAFE Micro Edition Suite...
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability
Posted by Security Alert on Apr 11
ESA-2014-003: RSA® Data Loss Prevention Improper Session Management VulnerabilityEMC Identifier: ESA-2014-003
CVE Identifier: CVE-2014-0624
Severity Rating: CVSS v2 Base Score: 3.5 (AV:L/AC:H/Au:S/C:P/I:P/A:P)
Affected Products:
RSA Data Loss Prevention 9.0
RSA Data Loss Prevention 9.5
RSA Data Loss Prevention 9.6
Unaffected Products:
RSA Data Loss Prevention 9.6-SP2
Summary:
RSA® Data Loss Prevention versions up to 9.6 SP1 contain...
ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability
Posted by Security Alert on Apr 11
ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing VulnerabilityEMC Identifier: ESA-2014-019
CVE Identifier: CVE-2014-0636
Severity Rating: CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Affected Products:
RSA BSAFE Micro Edition Suite (MES) all 4.0.x versions prior to 4.0.5 and all 3.2.x version prior to 3.2.6
Unaffected Products:
RSA BSAFE MES 3.2.6, 4.0.5 and higher
Summary:
RSA BSAFE MES 3.2.6, 4.0.5...
Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue
Posted by Vulnerability Lab on Apr 11
Document Title:===============
Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1256
Video: http://www.vulnerability-lab.com/get_content.php?id=1257
Release Date:
=============
2014-04-11
Vulnerability Laboratory ID (VL-ID):
====================================
1256
Common Vulnerability Scoring...
CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player
Posted by Portcullis Advisories on Apr 11
Vulnerability title: Invalid Pointer Dereference in VMware Workstationand Player
CVE: CVE-2014-2384
Vendor: VMware
Product: Workstation, Player
Affected version: VMware WorkStation v10.0.1 build-1379776 and VMware
Player v6.0.1 build-1379776
Fixed version: N/A
Reported by: Kyriakos Economou
Details:
The vmx86.sys (32 & 64-bit) kernel mode driver shared by various VMware
Windows products such as VMware Workstation and VMWare Player, allows...
SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server
Posted by SEC Consult Vulnerability Lab on Apr 11
SEC Consult Vulnerability Lab Security Advisory < 20140411-0 >=======================================================================
title: Multiple vulnerabilities
product: Plex Media Server
vulnerable version: confirmed in 0.9.9.10
fixed version: none
impact: High
homepage: http://www.plex.tv
found: 2014-02-06
by: Stefan Viehböck...
[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information
Posted by security-alert on Apr 11
Note: the current version of the following document is available here:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04236102
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04236102
Version: 1
HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB
Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner,
Performance Center, "HeartBleed" OpenSSL...
[SECURITY] [DSA 2900-1] jbigkit security update
Posted by Moritz Muehlenhoff on Apr 11
-------------------------------------------------------------------------Debian Security Advisory DSA-2900-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
April 10, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : jbigkit
CVE ID : CVE-2013-6369
Florian Weimer of...
[ MDVSA-2014:076 ] a2ps
Posted by security on Apr 11
_______________________________________________________________________Mandriva Linux Security Advisory MDVSA-2014:076
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : a2ps
Date : April 10, 2014
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Updated a2ps...
next-20140411: linux-next
Version:next-20140411 (linux-next)
Released:2014-04-11
