Feed aggregator

Vuln: Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability

Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
Categories:

Vuln: Stunnel CVE-2014-0016 PRNG Initialization Weakness

Stunnel CVE-2014-0016 PRNG Initialization Weakness
Categories:

Vuln: QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability

QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2015-0469 Remote Security Vulnerability

Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
Categories:

4.0.4: stable

Linux Kernel Updates - May 17, 2015 - 11:55am
Version:4.0.4 (stable) Released:2015-05-17 Source:linux-4.0.4.tar.xz PGP Signature:linux-4.0.4.tar.sign Patch:patch-4.0.4.xz (Incremental) ChangeLog:ChangeLog-4.0.4

3.14.43: longterm

Linux Kernel Updates - May 17, 2015 - 11:54am
Version:3.14.43 (longterm) Released:2015-05-17 Source:linux-3.14.43.tar.xz PGP Signature:linux-3.14.43.tar.sign Patch:patch-3.14.43.xz (Incremental) ChangeLog:ChangeLog-3.14.43

3.10.79: longterm

Linux Kernel Updates - May 17, 2015 - 11:51am
Version:3.10.79 (longterm) Released:2015-05-17 Source:linux-3.10.79.tar.xz PGP Signature:linux-3.10.79.tar.sign Patch:patch-3.10.79.xz (Incremental) ChangeLog:ChangeLog-3.10.79

Bugtraq: SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2)

SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2)
Categories:

[SECURITY] [DSA 3261-1] libmodule-signature-perl security update

BugTraq Latest Security Advisories - May 15, 2015 - 1:16pm

Posted by Salvatore Bonaccorso on May 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3261-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
May 15, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libmodule-signature-perl
CVE ID : CVE-2015-3406...
Categories:

[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine

BugTraq Latest Security Advisories - May 15, 2015 - 7:24am

Posted by Security Explorations on May 15

Hello All,

Security Explorations decided to release technical details as well as
accompanying Proof of Concept codes (three complete GAE Java sandbox
escapes) for security issues identified in Google App Engine for Java
after initial Issues 1-31 [1] have been addressed by the company. All
relevant materials can be found at our SE-2014-02 project details page
(original Google reports 3-6, POC codes for Issues 35-41):...
Categories:

phpMyAdmin 4.4.6 Man-In-the-Middle API Github

BugTraq Latest Security Advisories - May 15, 2015 - 7:16am

Posted by submit on May 15

phpMyAdmin 4.4.6 Man-In-the-Middle to API Github (CVE-2015-3903)
Author: Maksymilian Arciemowicz from https://cxsecurity.com
Issue type: CWE-295

Source URL:
http://cxsecurity.com/issue/WLB-2015050095

--- Description ---
As we can read

CURLOPT_SSL_VERIFYPEER option.
http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html
WARNING: disabling verification of the certificate allows bad guys to man-in-the-middle the communication without you...
Categories: