Feed aggregator

Vuln: Oracle Java SE CVE-2014-4263 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-4244 Remote Security Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
Categories:

Vuln: QEMU 'vga.c' Information Disclosure Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
QEMU 'vga.c' Information Disclosure Vulnerability
Categories:

Vuln: GNOME gnome-shell Lock Screen Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNOME gnome-shell Lock Screen Local Security Bypass Vulnerability
Categories:

Vuln: Linux Kernel VFS 'pivot_root()' Function Denial of Service Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Linux Kernel VFS 'pivot_root()' Function Denial of Service Vulnerability
Categories:

Vuln: Linux Kernel CVE-2014-7975 Local Denial of Service Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Linux Kernel CVE-2014-7975 Local Denial of Service Vulnerability
Categories:

Vuln: Microsoft Windows CVE-2014-4114 OLE Package Manager Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
Microsoft Windows CVE-2014-4114 OLE Package Manager Remote Code Execution Vulnerability
Categories:

Vuln: RSyslog and sysklogd CVE-2014-3683 Incomplete Fix Denial of Service Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
RSyslog and sysklogd CVE-2014-3683 Incomplete Fix Denial of Service Vulnerability
Categories:

Vuln: GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
Categories:

Vuln: GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
Categories:

Vuln: GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
Categories:

Vuln: GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
Categories:

Vuln: GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - October 20, 2014 - 11:00pm
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
Categories:

next-20141021: linux-next

Linux Kernel Updates - October 20, 2014 - 9:55pm
Version:next-20141021 (linux-next) Released:2014-10-21

LiteCart Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-7183

BugTraq Latest Security Advisories - October 20, 2014 - 3:49pm

Posted by Onur Yilmaz on Oct 20

Information
-----------
Advisory by Netsparker.
Name: Multiple XSS Vulnerabilities in LiteCart
Affected Software : LiteCart
Affected Versions: 1.1.2.1 and possibly below
Vendor Homepage : http://www.litecart.net
Vulnerability Type : Cross-site Scripting
Severity : Important
CVE-ID: CVE-2014-7183
Netsparker Advisory Reference : NS-14-032

Advisory URL
------------
https://www.netsparker.com/xss-vulnerabilities-in-litecart/

Description...
Categories:

APPLE-SA-2014-10-20-1 iOS 8.1

BugTraq Latest Security Advisories - October 20, 2014 - 3:41pm

Posted by Apple Product Security on Oct 20

APPLE-SA-2014-10-20-1 iOS 8.1

iOS 8.1 is now available and addresses the following:

Bluetooth
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious Bluetooth input device may bypass pairing
Description: Unencrypted connections were permitted from Human
Interface Device-class Bluetooth Low Energy accessories. If an iOS
device had paired with such an accessory, an attacker could spoof...
Categories:

APPLE-SA-2014-10-20-2 Apple TV 7.0.1

BugTraq Latest Security Advisories - October 20, 2014 - 3:32pm

Posted by Apple Product Security on Oct 20

APPLE-SA-2014-10-20-2 Apple TV 7.0.1

Apple TV 7.0.1 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: A malicious Bluetooth input device may bypass pairing
Description: Unencrypted connections were permitted from Human
Interface Device-class Bluetooth Low Energy accessories. If a device
had paired with such an accessory, an attacker could spoof the
legitimate accessory to...
Categories:

AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability

BugTraq Latest Security Advisories - October 20, 2014 - 3:22pm

Posted by Asterisk Security Team on Oct 20

Asterisk Project Security Advisory - AST-2014-011

Product Asterisk
Summary Asterisk Susceptibility to POODLE Vulnerability
Nature of Advisory Unauthorized Data Disclosure
Susceptibility Remote Unauthenticated Sessions
Severity Medium...
Categories:

[security bulletin] HPSBMU03126 rev.2 - HP Operations Manager/Operations Agent, Remote Cross-site Scripting (XSS)

BugTraq Latest Security Advisories - October 20, 2014 - 3:12pm

Posted by security-alert on Oct 20

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04472444

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04472444
Version: 2

HPSBMU03126 rev.2 - HP Operations Manager/Operations Agent, Remote Cross-site
Scripting (XSS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

[SECURITY] [DSA 3054-1] mysql-5.5 security update

BugTraq Latest Security Advisories - October 20, 2014 - 3:04pm

Posted by Salvatore Bonaccorso on Oct 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3054-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
October 20, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2012-5615 CVE-2014-4274...
Categories: