BugTraq Latest Security Advisories

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[SECURITY] [DSA 3270-1] postgresql-9.4 security update

May 22, 2015 - 12:00pm

Posted by Christoph Berg on May 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3270-1 security () debian org
http://www.debian.org/security/ Christoph Berg
May 22, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-9.4
CVE ID : CVE-2015-3165 CVE-2015-3166...

[SECURITY] [DSA 3268-1] ntfs-3g security update

May 22, 2015 - 6:54am

Posted by Salvatore Bonaccorso on May 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3268-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
May 22, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : ntfs-3g
CVE ID : CVE-2015-3202
Debian Bug :...

[SECURITY] [DSA 3267-1] chromium-browser security update

May 22, 2015 - 6:46am

Posted by Michael Gilbert on May 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3267-1 security () debian org
http://www.debian.org/security/ Michael Gilbert
May 22, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2015-1251...

[security bulletin] HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service (DoS), Execution of Arbitrary Code

May 22, 2015 - 6:38am

Posted by security-alert on May 22

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04685037
Version: 1

HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service
(DoS), Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-05-21
Last Updated: 2015-05-21

Potential Security Impact: Denial of Service (DoS), Execution of Arbitrary
Code

Source: Hewlett-Packard Company, HP...

CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation]

May 22, 2015 - 6:30am

Posted by pan . vagenas on May 22

# Exploit Title: WordPress WP Membership plugin [Privilege escalation]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4038

1 Description

Any registered user can perform a privilege escalation through `iv_membership_update_user_settings` AJAX action.
Although this...

CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS]

May 22, 2015 - 6:22am

Posted by pan . vagenas on May 22

# Exploit Title: WordPress WP Membership plugin [Stored XSS]
# Contact: https://twitter.com/panVagenas
# Vendor Homepage: http://wpmembership.e-plugins.com/
# Software Link: http://codecanyon.net/item/wp-membership/10066554
# Version: 1.2.3
# Tested on: WordPress 4.2.2
# CVE: CVE-2015-4039

=============================================
* 1. Stored XSS
=============================================

1.1 Description

All input fields from...