Feed aggregator

EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection

BugTraq Latest Security Advisories - April 27, 2016 - 10:30am

Posted by Securify B.V. on Apr 27

------------------------------------------------------------------------
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
------------------------------------------------------------------------
Han Sahin, November 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that EMC M&R (Watch4net) does not...

Bugtraq: [SECURITY] [DSA 3557-1] mysql-5.5 security update

Security Focus Latest Security Advisories - April 27, 2016 - 9:00am
[SECURITY] [DSA 3557-1] mysql-5.5 security update

Oracle Discoverer Viewer BI - Open Redirect Vulnerability

BugTraq Latest Security Advisories - April 27, 2016 - 7:55am

Posted by Vulnerability Lab on Apr 27

Document Title:
===============
Oracle Discoverer Viewer BI - Open Redirect Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1667

Oracle ID: S0666670

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
====================================
1667

Common Vulnerability Scoring System:
====================================
2.8

Product & Service Introduction:...

Bugtraq: Sophos XG Firewall (SF01V) - Persistent Web Vulnerability

Security Focus Latest Security Advisories - April 27, 2016 - 7:00am
Sophos XG Firewall (SF01V) - Persistent Web Vulnerability

3.4.112: longterm

Linux Kernel Updates - April 27, 2016 - 5:55am
Version: 3.4.112 (longterm)
Released: 2016-04-27
Source: linux-3.4.112.tar.xz
PGP Signature: linux-3.4.112.tar.sign
Patch: patch-3.4.112.xz (Incremental)
ChangeLog: ChangeLog-3.4.112

3.12.59: longterm

Linux Kernel Updates - April 27, 2016 - 4:13am
Version: 3.12.59 (longterm)
Released: 2016-04-27
Source: linux-3.12.59.tar.xz
PGP Signature: linux-3.12.59.tar.sign
Patch: patch-3.12.59.xz (Incremental)
ChangeLog: ChangeLog-3.12.59

[slackware-security] mozilla-firefox (SSA:2016-117-01)

BugTraq Latest Security Advisories - April 27, 2016 - 3:31am

Posted by Slackware Security Team on Apr 27

[slackware-security] mozilla-firefox (SSA:2016-117-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-38.8.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

Bugtraq: Trend Micro (Account) - Email Spoofing Web Vulnerability

Security Focus Latest Security Advisories - April 27, 2016 - 3:00am
Trend Micro (Account) - Email Spoofing Web Vulnerability

next-20160427: linux-next

Linux Kernel Updates - April 27, 2016 - 1:52am
Version: next-20160427 (linux-next)
Released: 2016-04-27

[SECURITY] [DSA 3558-1] openjdk-7 security update

BugTraq Latest Security Advisories - April 26, 2016 - 11:42pm

Posted by Moritz Muehlenhoff on Apr 26

-------------------------------------------------------------------------
Debian Security Advisory DSA-3558-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 26, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openjdk-7
CVE ID : CVE-2016-0636 CVE-2016-0686...

Bugtraq: VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability

Security Focus Latest Security Advisories - April 26, 2016 - 11:00pm
VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability

Bugtraq: [security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)

Security Focus Latest Security Advisories - April 26, 2016 - 3:00pm
[security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)

[SECURITY] [DSA 3557-1] mysql-5.5 security update

BugTraq Latest Security Advisories - April 26, 2016 - 2:51pm

Posted by Salvatore Bonaccorso on Apr 26

-------------------------------------------------------------------------
Debian Security Advisory DSA-3557-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 26, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2016-0640 CVE-2016-0641...

Sophos XG Firewall (SF01V) - Persistent Web Vulnerability

BugTraq Latest Security Advisories - April 26, 2016 - 9:38am

Posted by Vulnerability Lab on Apr 26

Document Title:
===============
Sophos XG Firewall (SF01V) - Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1734

ID: 5740075

Release Date:
=============
2016-04-25

Vulnerability Laboratory ID (VL-ID):
====================================
1734

Common Vulnerability Scoring System:
====================================
3.5

Product & Service Introduction:...

Bugtraq: Negin Group CMS - (v) Multiple Web Vulnerabilities

Security Focus Latest Security Advisories - April 26, 2016 - 9:00am
Negin Group CMS - (v) Multiple Web Vulnerabilities

Bugtraq: Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability

Security Focus Latest Security Advisories - April 26, 2016 - 9:00am
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability

Bugtraq: Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities

Security Focus Latest Security Advisories - April 26, 2016 - 9:00am
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities

VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability

BugTraq Latest Security Advisories - April 26, 2016 - 8:30am

Posted by Vulnerability Lab on Apr 26

Document Title:
===============
VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1828

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
====================================
1828

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...

Trend Micro (Account) - Email Spoofing Web Vulnerability

BugTraq Latest Security Advisories - April 26, 2016 - 8:20am

Posted by Vulnerability Lab on Apr 26

Document Title:
===============
Trend Micro (Account) - Email Spoofing Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1693

Trend Micro ID: 1-1-1035655030

Release Date:
=============
2016-04-25

Vulnerability Laboratory ID (VL-ID):
====================================
1693

Common Vulnerability Scoring System:
====================================
4.6

Product & Service...

next-20160426: linux-next

Linux Kernel Updates - April 26, 2016 - 2:18am
Version: next-20160426 (linux-next)
Released: 2016-04-26