Feed aggregator

Bugtraq: CVE-2016-5399: php: out-of-bounds write in bzread()

CVE-2016-5399: php: out-of-bounds write in bzread()

Bugtraq: Persistent Cross-Site Scripting in WooCommerce using image metadata (EXIF)

Persistent Cross-Site Scripting in WooCommerce using image metadata (EXIF)

Bugtraq: Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress Plugin

Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress Plugin

Bugtraq: Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability

Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability

[security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS)

BugTraq Latest Security Advisories - July 22, 2016 - 12:55am

Posted by security-alert on Jul 21

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05204371
Version: 1

HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password
Reset Option running Apache Commons FileUpload, Remote Denial of Service
(DoS)

NOTICE: The information in this Security Bulletin...

MySQL zero-day vulnerabilities (July 2016 CPU)

BugTraq Latest Security Advisories - July 22, 2016 - 12:48am

Posted by lem . nikolas on Jul 21

MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google,
Facebook, Twitter, just to cite a few.

In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to
identify and mitigate those vulnerabilities.

Sincere thanks to Oracle Inc for the prompt response and adequate mitigation to the issues.

You can get a copy of the report...

[SECURITY] [DSA 3624-1] mysql-5.5 security update

BugTraq Latest Security Advisories - July 22, 2016 - 12:36am

Posted by Salvatore Bonaccorso on Jul 21

-------------------------------------------------------------------------
Debian Security Advisory DSA-3624-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 21, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2016-3477 CVE-2016-3521...

Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products

BugTraq Latest Security Advisories - July 22, 2016 - 12:24am

Posted by Cisco Systems Product Security Incident Response Team on Jul 21

Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products

Advisory ID: cisco-sa-20160721-asn1c

Revision: 1.0

For Public Release: 2016 July 21 19:00 GMT

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the ASN1C compiler by Objective Systems affects Cisco ASR 5000 devices running StarOS and Cisco
Virtualized Packet Core (VPC) systems. The...

Vuln: TLS Protocol CVE-2012-4929 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
TLS Protocol CVE-2012-4929 Information Disclosure Vulnerability

Vuln: libxml2 CVE-2015-7498 Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
libxml2 CVE-2015-7498 Denial of Service Vulnerability

Vuln: Libxml2 'parser.c' Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Libxml2 'parser.c' Buffer Overflow Vulnerability

Vuln: Libxml2 'xmlGROW()' Function Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Libxml2 'xmlGROW()' Function Denial of Service Vulnerability

Vuln: Oracle Java SE CVE-2016-3587 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Oracle Java SE CVE-2016-3587 Remote Code Execution Vulnerability

Vuln: Oracle Java SE CVE-2016-3606 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Oracle Java SE CVE-2016-3606 Remote Code Execution Vulnerability

Vuln: Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vuln: Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Oracle Java SE CVE-2016-3598 Remote Code Execution Vulnerability

Vuln: Oracle Java SE CVE-2016-3610 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Oracle Java SE CVE-2016-3610 Remote Code Execution Vulnerability

Vuln: Libxml2 'xmlDictComputeFastQKey()' Function Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Libxml2 'xmlDictComputeFastQKey()' Function Denial of Service Vulnerability

Vuln: libxml2 CVE-2015-5312 XML Entity Expansion Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
libxml2 CVE-2015-5312 XML Entity Expansion Denial of Service Vulnerability

Vuln: Oracle WebLogic Server CVE-2016-3510 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 21, 2016 - 11:00pm
Oracle WebLogic Server CVE-2016-3510 Remote Code Execution Vulnerability