Feed aggregator

[SECURITY] [DSA 3584-1] librsvg security update

BugTraq Latest Security Advisories - May 19, 2016 - 2:25pm

Posted by Salvatore Bonaccorso on May 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-3584-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
May 19, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : librsvg
CVE ID : CVE-2015-7558 CVE-2016-4347...

Bugtraq: [ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability

[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability

Bugtraq: TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

[SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast

BugTraq Latest Security Advisories - May 19, 2016 - 6:37am

Posted by Gergely Eberhardt on May 19

Access: unauthenticated remote access

Platforms / Firmware confirmed affected:
- LG NAS N1A1 Version 10119, 10/04/2012
- Product page: http://www.lg.com/us/support-product/lg-N1A1DD1

What is Familycast?
-------------------
Familycast is a service running on top of the NAS. According to LG,
Familycast is an: “LG SMART TV exclusive application which allows the
user to easily access and share photos, music, videos and other data
saved on the net...

[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability

BugTraq Latest Security Advisories - May 19, 2016 - 6:28am

Posted by ERPScan inc on May 19

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: SQL injection

Sent: 04.12.2015

Reported: 04.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2101079

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – SQL injection vulnerability

Advisory...

[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability

BugTraq Latest Security Advisories - May 19, 2016 - 6:16am

Posted by ERPScan inc on May 19

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5

Vendor URL: http://SAP.com

Bugs: information disclosure

Sent: 15.09.2015

Reported: 15.09.2015

Vendor response: 16.09.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2256846

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – information disclosure vulnerability

Advisory...

TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

BugTraq Latest Security Advisories - May 19, 2016 - 6:05am

Posted by mandy on May 19

Madison Gurkha Security Advisory

Advisory: TYPO3 circumvent RemoveXSS.php cross site scripting using BASE64 encoding

1. DETAILS
----------
Product: Typo3 CMS
Vendor URL: typo3.org
Type: Cross-site Scripting[CWE-79]
Date found: 2016-03-09
Date published: 2016-05-19

2. AFFECTED VERSIONS
--------------------
Typo3 6.2.19 and below
Typo3 7.6.4 and below
and other older versions may be affected too.
Until the removal of the RemoveXSS.php function,...

Bugtraq: [SECURITY] [DSA 3583-1] swift-plugin-s3 security update

[SECURITY] [DSA 3583-1] swift-plugin-s3 security update

Bugtraq: [security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information

[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information

Bugtraq: Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability

Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability

Bugtraq: Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability

Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability

next-20160519: linux-next

Linux Kernel Updates - May 19, 2016 - 1:42am
Version: next-20160519 (linux-next)
Released: 2016-05-19

Bugtraq: Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability

Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability

[SECURITY] [DSA 3583-1] swift-plugin-s3 security update

BugTraq Latest Security Advisories - May 18, 2016 - 11:50pm

Posted by Moritz Muehlenhoff on May 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3583-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
May 18, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : swift-plugin-s3
CVE ID : CVE-2015-8466
Debian Bug...

4.5.5: stable

Linux Kernel Updates - May 18, 2016 - 8:35pm
Version: 4.5.5 (stable)
Released: 2016-05-19
Source: linux-4.5.5.tar.xz
PGP Signature: linux-4.5.5.tar.sign
Patch: patch-4.5.5.xz (Incremental)
ChangeLog: ChangeLog-4.5.5

4.4.11: longterm

Linux Kernel Updates - May 18, 2016 - 7:09pm
Version: 4.4.11 (longterm)
Released: 2016-05-19
Source: linux-4.4.11.tar.xz
PGP Signature: linux-4.4.11.tar.sign
Patch: patch-4.4.11.xz (Incremental)
ChangeLog: ChangeLog-4.4.11

3.14.70: longterm

Linux Kernel Updates - May 18, 2016 - 7:04pm
Version: 3.14.70 (longterm)
Released: 2016-05-19
Source: linux-3.14.70.tar.xz
PGP Signature: linux-3.14.70.tar.sign
Patch: patch-3.14.70.xz (Incremental)
ChangeLog: ChangeLog-3.14.70

[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information

BugTraq Latest Security Advisories - May 18, 2016 - 2:36pm

Posted by security-alert on May 18

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141083

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05141083
Version: 1

HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of
Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2016-05-18
Last...

next-20160518: linux-next

Linux Kernel Updates - May 17, 2016 - 11:27pm
Version: next-20160518 (linux-next)
Released: 2016-05-18