Feed aggregator

Bugtraq: [SECURITY] [DSA 3349-1] qemu-kvm security update

[SECURITY] [DSA 3349-1] qemu-kvm security update

Bugtraq: [SECURITY] [DSA 3348-1] qemu security update

[SECURITY] [DSA 3348-1] qemu security update

Bugtraq: Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability

Bugtraq: [SECURITY] [DSA 3347-1] pdns security update

[SECURITY] [DSA 3347-1] pdns security update

next-20150903: linux-next

Linux Kernel Updates - 41 min 30 sec ago
Version:next-20150903 (linux-next) Released:2015-09-03

[SECURITY] [DSA 3348-1] qemu security update

BugTraq Latest Security Advisories - September 2, 2015 - 12:47pm

Posted by Salvatore Bonaccorso on Sep 02

-------------------------------------------------------------------------
Debian Security Advisory DSA-3348-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
September 02, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu
CVE ID : CVE-2015-3214 CVE-2015-5154...

[SECURITY] [DSA 3349-1] qemu-kvm security update

BugTraq Latest Security Advisories - September 2, 2015 - 12:40pm

Posted by Salvatore Bonaccorso on Sep 02

-------------------------------------------------------------------------
Debian Security Advisory DSA-3349-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
September 02, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : qemu-kvm
CVE ID : CVE-2015-5165 CVE-2015-5745...

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability

BugTraq Latest Security Advisories - September 2, 2015 - 12:32pm

Posted by Cisco Systems Product Security Incident Response Team on Sep 02

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite
Vulnerability

Advisory ID: cisco-sa-20150902-cimcs

Revision 1.0

For Public Release 2015 September 2 16:00 UTC (GMT)

+-----------------------------------------------------------------------

Summary
=======
Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director contain a remote file overwrite...

Bugtraq: ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability

Security Focus Latest Security Advisories - September 2, 2015 - 12:00pm
ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability

Bugtraq: Cross-Site Request Forgery in Cerb

Security Focus Latest Security Advisories - September 2, 2015 - 12:00pm
Cross-Site Request Forgery in Cerb

Bugtraq: CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection

Security Focus Latest Security Advisories - September 2, 2015 - 12:00pm
CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection

[SECURITY] [DSA 3347-1] pdns security update

BugTraq Latest Security Advisories - September 2, 2015 - 10:51am

Posted by Sébastien Delafond on Sep 02

-------------------------------------------------------------------------
Debian Security Advisory DSA-3347-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
September 02, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : pdns
CVE ID : CVE-2015-5230

Pyry Hakulinen and...

Bugtraq: [slackware-security] gdk-pixbuf2 (SSA:2015-244-01)

Security Focus Latest Security Advisories - September 2, 2015 - 10:45am
[slackware-security] gdk-pixbuf2 (SSA:2015-244-01)

Bugtraq: KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation

Security Focus Latest Security Advisories - September 2, 2015 - 9:30am
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation

ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability

BugTraq Latest Security Advisories - September 2, 2015 - 9:07am

Posted by Security Alert on Sep 02

ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability

EMC Identifier: ESA-2015-137

CVE Identifier: CVE-2015-4538

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:S/C:C/I:N/A:P)

Affected products:
EMC Atmos 2.3.0 and earlier

Summary:
EMC Atmos includes an XML External Entity Injection vulnerability.

Details:

EMC Atmos is affected by an XML External Entity (XXE) Injection vulnerability due to the configuration of...

Bugtraq: KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation

Security Focus Latest Security Advisories - September 2, 2015 - 7:00am
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation

Cross-Site Request Forgery in Cerb

BugTraq Latest Security Advisories - September 2, 2015 - 6:20am

Posted by High-Tech Bridge Security Research on Sep 02

Advisory ID: HTB23269
Product: Cerb
Vendor: Webgroup Media LLC
Vulnerable Version(s): 7.0.3 and probably prior
Tested Version: 7.0.3
Advisory Publication: August 12, 2015 [without technical details]
Vendor Notification: August 12, 2015
Vendor Patch: August 14, 2015
Public Disclosure: September 2, 2015
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
CVE Reference: CVE-2015-6545
Risk Level: Medium
CVSSv2 Base Score: 5.1...

[slackware-security] gdk-pixbuf2 (SSA:2015-244-01)

BugTraq Latest Security Advisories - September 2, 2015 - 6:12am

Posted by Slackware Security Team on Sep 02

[slackware-security] gdk-pixbuf2 (SSA:2015-244-01)

New gdk-pixbuf2 packages are available for Slackware 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/gdk-pixbuf2-2.28.2-i486-2_slack14.1.txz: Rebuilt.
Gustavo Grieco discovered a heap overflow in the processing of BMP images
which may result in the execution of arbitrary code if...

CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection

BugTraq Latest Security Advisories - September 2, 2015 - 6:05am

Posted by David Black on Sep 02

Note: the current version of this advisory can be found at
https://confluence.atlassian.com/x/IcBKLg .

CVE ID: CVE-2015-5603
Product: JIRA and the HipChat for JIRA plugin.
Affected HipChat For JIRA plugin versions: 1.3.2 <= version < 6.30.0
Affected JIRA product versions: 6.3.5 <= version < 6.4.11

Summary:
This advisory discloses a critical severity security vulnerability
that was introduced in version 1.3.2 of the HipChat for JIRA...