Feed aggregator

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

BugTraq Latest Security Advisories - April 28, 2016 - 12:23am

Posted by Tony Homer on Apr 27

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
An arbitrary plugin can be executed when a user clicks on a link.

Upgrade path:
Developers who are concerned about this issue should install version
4.0.0 or higher of the cordova-ios platform.

Credit:
This issue was discovered by Muneaki Nishimura...
Categories:

Bugtraq: [SECURITY] [DSA 3559-1] iceweasel security update

Security Focus Latest Security Advisories - April 28, 2016 - 12:00am
[SECURITY] [DSA 3559-1] iceweasel security update
Categories:

Bugtraq: EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection

Security Focus Latest Security Advisories - April 28, 2016 - 12:00am
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
Categories:

Bugtraq: Oracle Discoverer Viewer BI - Open Redirect Vulnerability

Security Focus Latest Security Advisories - April 28, 2016 - 12:00am
Oracle Discoverer Viewer BI - Open Redirect Vulnerability
Categories:

Bugtraq: [slackware-security] mozilla-firefox (SSA:2016-117-01)

Security Focus Latest Security Advisories - April 28, 2016 - 12:00am
[slackware-security] mozilla-firefox (SSA:2016-117-01)
Categories:

Bugtraq: [SECURITY] [DSA 3558-1] openjdk-7 security update

Security Focus Latest Security Advisories - April 27, 2016 - 2:00pm
[SECURITY] [DSA 3558-1] openjdk-7 security update
Categories:

[SECURITY] [DSA 3559-1] iceweasel security update

BugTraq Latest Security Advisories - April 27, 2016 - 1:32pm

Posted by Moritz Muehlenhoff on Apr 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3559-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iceweasel
CVE ID : CVE-2016-2805 CVE-2016-2807...
Categories:

EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection

BugTraq Latest Security Advisories - April 27, 2016 - 10:30am

Posted by Securify B.V. on Apr 27

------------------------------------------------------------------------
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
------------------------------------------------------------------------
Han Sahin, November 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that EMC M&R (Watch4net) does not...
Categories:

Bugtraq: [SECURITY] [DSA 3557-1] mysql-5.5 security update

Security Focus Latest Security Advisories - April 27, 2016 - 9:00am
[SECURITY] [DSA 3557-1] mysql-5.5 security update
Categories:

Oracle Discoverer Viewer BI - Open Redirect Vulnerability

BugTraq Latest Security Advisories - April 27, 2016 - 7:55am

Posted by Vulnerability Lab on Apr 27

Document Title:
===============
Oracle Discoverer Viewer BI - Open Redirect Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1667

Oracle ID: S0666670

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
====================================
1667

Common Vulnerability Scoring System:
====================================
2.8

Product & Service Introduction:...
Categories:

Bugtraq: Sophos XG Firewall (SF01V) - Persistent Web Vulnerability

Security Focus Latest Security Advisories - April 27, 2016 - 7:00am
Sophos XG Firewall (SF01V) - Persistent Web Vulnerability
Categories:

3.4.112: longterm

Linux Kernel Updates - April 27, 2016 - 5:55am
Version:3.4.112 (longterm) Released:2016-04-27 Source:linux-3.4.112.tar.xz PGP Signature:linux-3.4.112.tar.sign Patch:patch-3.4.112.xz (Incremental) ChangeLog:ChangeLog-3.4.112

3.12.59: longterm

Linux Kernel Updates - April 27, 2016 - 4:13am
Version:3.12.59 (longterm) Released:2016-04-27 Source:linux-3.12.59.tar.xz PGP Signature:linux-3.12.59.tar.sign Patch:patch-3.12.59.xz (Incremental) ChangeLog:ChangeLog-3.12.59

[slackware-security] mozilla-firefox (SSA:2016-117-01)

BugTraq Latest Security Advisories - April 27, 2016 - 3:31am

Posted by Slackware Security Team on Apr 27

[slackware-security] mozilla-firefox (SSA:2016-117-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-38.8.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

Bugtraq: Trend Micro (Account) - Email Spoofing Web Vulnerability

Security Focus Latest Security Advisories - April 27, 2016 - 3:00am
Trend Micro (Account) - Email Spoofing Web Vulnerability
Categories:

next-20160427: linux-next

Linux Kernel Updates - April 27, 2016 - 1:52am
Version:next-20160427 (linux-next) Released:2016-04-27

[SECURITY] [DSA 3558-1] openjdk-7 security update

BugTraq Latest Security Advisories - April 26, 2016 - 11:42pm

Posted by Moritz Muehlenhoff on Apr 26

-------------------------------------------------------------------------
Debian Security Advisory DSA-3558-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 26, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-7
CVE ID : CVE-2016-0636 CVE-2016-0686...
Categories:

Bugtraq: VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability

Security Focus Latest Security Advisories - April 26, 2016 - 11:00pm
VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability
Categories:

Bugtraq: [security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)

Security Focus Latest Security Advisories - April 26, 2016 - 3:00pm
[security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)
Categories:

[SECURITY] [DSA 3557-1] mysql-5.5 security update

BugTraq Latest Security Advisories - April 26, 2016 - 2:51pm

Posted by Salvatore Bonaccorso on Apr 26

-------------------------------------------------------------------------
Debian Security Advisory DSA-3557-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 26, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2016-0640 CVE-2016-0641...
Categories: