Feed aggregator

Bugtraq: [ MDVSA-2014:215 ] gnutls

Security Focus Latest Security Advisories - November 19, 2014 - 12:30pm

CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

BugTraq Latest Security Advisories - November 19, 2014 - 10:48am

Posted by Portcullis Advisories on Nov 19

Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM
CVE: CVE-2014-7137
Vendor: Dolibarr ERP & CRM
Product: Dolibarr ERP & CRM
Affected version: 3.5.3
Fixed version: 3.6.1
Reported by: Jerzy Kramarz

Details:

SQL injection has been found and confirmed within the software as an authenticated user. A successful attack could
allow an authenticated attacker to access information such as usernames and password hashes that...

Bugtraq: [SECURITY] [DSA 3074-1] php5 security update

Security Focus Latest Security Advisories - November 19, 2014 - 10:00am

[SECURITY] [DSA 3074-2] php5 regression update

BugTraq Latest Security Advisories - November 19, 2014 - 7:40am

Posted by Yves-Alexis Perez on Nov 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-3074-2 security () debian org
http://www.debian.org/security/ Yves-Alexis Perez
November 19, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php5

The previous update for php5, DSA-3074-1, introduced...

Reflected Cross-Site Scripting (XSS) in Simple Email Form Joomla Extension

BugTraq Latest Security Advisories - November 19, 2014 - 7:30am

Posted by High-Tech Bridge Security Research on Nov 19

Advisory ID: HTB23241
Product: Simple Email Form Joomla Extension
Vendor: Doug Bierer
Vulnerable Version(s): 1.8.5 and probably prior
Tested Version: 1.8.5
Advisory Publication: October 29, 2014 [without technical details]
Vendor Notification: October 29, 2014
Public Disclosure: November 19, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8539
Risk Level: Medium
CVSSv2 Base Score: 4.3...

Bugtraq: [ MDVSA-2014:214 ] dbus

Security Focus Latest Security Advisories - November 19, 2014 - 7:30am

Bugtraq: [ MDVSA-2014:213 ] curl

Security Focus Latest Security Advisories - November 19, 2014 - 7:30am

[ MDVSA-2014:215 ] gnutls

BugTraq Latest Security Advisories - November 19, 2014 - 6:32am

Posted by security on Nov 19

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:215
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : gnutls
Date : November 19, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated...

Bugtraq: CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload

Security Focus Latest Security Advisories - November 19, 2014 - 6:30am

next-20141119: linux-next

Linux Kernel Updates - November 19, 2014 - 4:34am
Version: next-20141119 (linux-next) Released: 2014-11-19

Bugtraq: CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload

Security Focus Latest Security Advisories - November 19, 2014 - 12:15am

Vuln: HP Operations Agent CVE-2014-2630 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: libvirt 'domain_conf.c' Denial of Service Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: libvirt CVE-2014-7823 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: Apple iOS CVE-2014-4457 Security Bypass Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: libdigidoc DDOC Routine Arbitrary File Overwrite Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am

Vuln: Cisco IOS CVE-2014-7992 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - November 19, 2014 - 12:00am