Feed aggregator

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

BugTraq Latest Security Advisories - October 16, 2014 - 5:18am

Posted by Cisco Systems Product Security Incident Response Team on Oct 16

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Advisory ID: cisco-sa-20141015-poodle

Revision 1.0

For Public Release 2014 October 15 17:30 UTC (GMT)

+---------------------------------------------------------------------

Summary
+======

On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when
using a block cipher in Cipher...
Categories:

Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability

BugTraq Latest Security Advisories - October 16, 2014 - 5:07am

Posted by Stefan Horst on Oct 16

SektionEins GmbH
www.sektioneins.de

-= Security Advisory =-

Advisory: Drupal - pre-auth SQL Injection Vulnerability
Release Date: 2014/10/15
Last Modified: 2014/10/15
Author: Stefan Horst [stefan.horst[at]sektioneins.de]
Application: Drupal >= 7.0 <= 7.31
Severity: Full SQL injection, which results in total control and code execution of Website.
Risk: Highly Critical...
Categories:

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software

BugTraq Latest Security Advisories - October 16, 2014 - 4:58am

Posted by Cisco Systems Product Security Incident Response Team on Oct 16

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway
Software

Advisory ID: cisco-sa-20141015-vcs

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

Revision 1.0

For Public Release 2014 October 15 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco TelePresence Video...
Categories:

Cisco Security Advisory: Cisco TelePresence MCU Software Memory Exhaustion Vulnerability

BugTraq Latest Security Advisories - October 16, 2014 - 4:50am

Posted by Cisco Systems Product Security Incident Response Team on Oct 16

Cisco Security Advisory: Cisco TelePresence MCU Software Memory Exhaustion Vulnerability

Advisory ID: cisco-sa-20141015-mcu

Revision 1.0

For Public Release 2014 October 15 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker
to cause the exhaustion of available memory...
Categories:

Bugtraq: SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces

Security Focus Latest Security Advisories - October 16, 2014 - 4:45am
SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces
Categories:

Bugtraq: Multiple Cross-Site Scripting (XSS) in WP Google Maps WordPress Plugin

Security Focus Latest Security Advisories - October 16, 2014 - 4:45am
Multiple Cross-Site Scripting (XSS) in WP Google Maps WordPress Plugin
Categories:

Bugtraq: Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin

Security Focus Latest Security Advisories - October 16, 2014 - 4:45am
Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin
Categories:

Bugtraq: Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

Security Focus Latest Security Advisories - October 16, 2014 - 4:45am
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability
Categories:

next-20141016: linux-next

Linux Kernel Updates - October 15, 2014 - 11:59pm
Version:next-20141016 (linux-next) Released:2014-10-16

Vuln: OpenSSH Certificate Validation Security Bypass Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
OpenSSH Certificate Validation Security Bypass Vulnerability
Categories:

Vuln: OpenSSH 'child_set_env()' Function Security Bypass Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
Categories:

Vuln: Multiple Huawei Switches Information Disclosure Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Multiple Huawei Switches Information Disclosure Vulnerability
Categories:

Vuln: Adobe Flash Player and AIR CVE-2014-0564 Unspecified Memory Corruption Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Adobe Flash Player and AIR CVE-2014-0564 Unspecified Memory Corruption Vulnerability
Categories:

Vuln: Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
Categories:

Vuln: Oracle MySQL Server Username Enumeration Weakness

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Oracle MySQL Server Username Enumeration Weakness
Categories:

Vuln: MySQL MyISAM Insecure Temporary File Creation Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
MySQL MyISAM Insecure Temporary File Creation Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-6504 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-6506 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-6511 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-6512 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 15, 2014 - 11:00pm
Oracle Java SE CVE-2014-6512 Remote Security Vulnerability
Categories: