Feed aggregator

Vuln: Google Chrome 35.0.1916.114 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Google Chrome 35.0.1916.114 Multiple Security Vulnerabilities
Categories:

Vuln: Google Chrome Prior to 36.0.1985.122 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Google Chrome Prior to 36.0.1985.122 Multiple Security Vulnerabilities
Categories:

Vuln: Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability
Categories:

Vuln: Google Chrome CVE-2014-1741 Integer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Google Chrome CVE-2014-1741 Integer Overflow Vulnerability
Categories:

Vuln: Google Chrome CVE-2014-3157 Heap Based Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Google Chrome CVE-2014-3157 Heap Based Buffer Overflow Vulnerability
Categories:

Vuln: OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
Categories:

Vuln: Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
Categories:

Vuln: Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm
Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities
Categories:

Bugtraq: [SECURITY] [DSA 2985-1] mysql-5.5 security update

[SECURITY] [DSA 2985-1] mysql-5.5 security update
Categories:

[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information

BugTraq Latest Security Advisories - July 23, 2014 - 9:19am

Posted by security-alert on Jul 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04374202

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04374202
Version: 1

HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code,
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

SQL Injection in Е2

BugTraq Latest Security Advisories - July 23, 2014 - 9:09am

Posted by High-Tech Bridge Security Research on Jul 23

Advisory ID: HTB23222
Product: Е2
Vendor: Ilya Birman
Vulnerable Version(s): v2844 and probably prior
Tested Version: v2844
Advisory Publication: July 2, 2014 [without technical details]
Vendor Notification: July 2, 2014
Vendor Patch: July 3, 2014
Public Disclosure: July 23, 2014
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2014-4736
Risk Level: High
CVSSv2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Solution Status:...
Categories:

[oCERT-2014-005] LPAR2RRD input sanitization errors

BugTraq Latest Security Advisories - July 23, 2014 - 8:59am

Posted by Daniele Bianco on Jul 23

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanitization on the parameters passed to the application
web gui leads to arbitrary command injection on the LPAR2RRD application
server....
Categories:

Bugtraq: [security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information

[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information
Categories:

Bugtraq: Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability

Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability
Categories:

Bugtraq: Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080

Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080
Categories:

Bugtraq: Cross-site Scripting in EventLog Analyzer 9.0 build #9000

Cross-site Scripting in EventLog Analyzer 9.0 build #9000
Categories:

next-20140723: linux-next

Linux Kernel Updates - July 23, 2014 - 3:46am
Version:next-20140723 (linux-next) Released:2014-07-23

Vuln: Oracle Java SE CVE-2014-2412 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 22, 2014 - 11:00pm
Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-0458 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 22, 2014 - 11:00pm
Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
Categories:

Vuln: Oracle Java SE CVE-2014-2428 Remote Security Vulnerability

Security Focus Latest Security Advisories - July 22, 2014 - 11:00pm
Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
Categories: