Feed aggregator

Vuln: X.Org libXfont BDF Font File Handling Stack Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: GnuTLS CVE-2014-0092 Certificate Validation Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Huawei E355 CVE-2014-2968 HTML Injection Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-3154 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-3803 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: WebKit CVE-2014-1731 Unspecified Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome 35.0.1916.114 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome Prior to 36.0.1985.122 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-1740 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-1741 Integer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Google Chrome CVE-2014-3157 Heap Based Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Vuln: Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - July 23, 2014 - 11:00pm

Bugtraq: [SECURITY] [DSA 2985-1] mysql-5.5 security update


[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information

BugTraq Latest Security Advisories - July 23, 2014 - 9:19am

Posted by security-alert on Jul 23

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04374202

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04374202
Version: 1

HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code,
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...

SQL Injection in Е2

BugTraq Latest Security Advisories - July 23, 2014 - 9:09am

Posted by High-Tech Bridge Security Research on Jul 23

Advisory ID: HTB23222
Product: Е2
Vendor: Ilya Birman
Vulnerable Version(s): v2844 and probably prior
Tested Version: v2844
Advisory Publication: July 2, 2014 [without technical details]
Vendor Notification: July 2, 2014
Vendor Patch: July 3, 2014
Public Disclosure: July 23, 2014
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2014-4736
Risk Level: High
CVSSv2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Solution Status:...

[oCERT-2014-005] LPAR2RRD input sanitization errors

BugTraq Latest Security Advisories - July 23, 2014 - 8:59am

Posted by Daniele Bianco on Jul 23

#2014-005 LPAR2RRD input sanitization errors

Description:

LPAR2RRD is a performance monitoring and capacity planning software for IBM
Power Systems. LPAR2RRD generates historical, future trends and nearly
"real-time" CPU utilization graphs of LPAR's and shared CPU usage.

Insufficient input sanitization on the parameters passed to the application
web gui leads to arbitrary command injection on the LPAR2RRD application
server....