Feed aggregator

Bugtraq: [KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities


Bugtraq: ESA-2016-069: EMC Documentum WebTop and WebTop Clients Improper Authorization Vulnerability


Bugtraq: Open-Xchange Security Advisory 2016-06-22


SEC Consult SA-20160624-0 :: ASUS DSL-N55U router XSS and information disclosure

BugTraq Latest Security Advisories - June 24, 2016 - 7:50am

Posted by SEC Consult Vulnerability Lab on Jun 24

SEC Consult Vulnerability Lab Security Advisory < 20160624-0 >
=======================================================================
title: XSS and information disclosure vulnerability
product: ASUS DSL-N55U router
vulnerable version: 3.0.0.4.376_2736
fixed version: 3.0.0.4_380_3679
CVE number: requested
impact: Medium
homepage: https://www.asus.com/
found:...

[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

BugTraq Latest Security Advisories - June 24, 2016 - 7:38am

Posted by Egidio Romano on Jun 24

-----------------------------------------------------------------------------
SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability
-----------------------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and other versions.

[-] Vulnerability Description:

The vulnerable code is located within the MySugar::addDashlet() method:...

[KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities

BugTraq Latest Security Advisories - June 24, 2016 - 7:26am

Posted by Egidio Romano on Jun 24

---------------------------------------------------------
SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities
---------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and prior versions.

[-] Vulnerabilities Description:

1) The vulnerable code is located in the /include/utils/array_utils.php script:

99. function...

[KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities

BugTraq Latest Security Advisories - June 24, 2016 - 7:16am

Posted by Egidio Romano on Jun 24

--------------------------------------------------------------
SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities
--------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and prior versions.

[-] Vulnerabilities Description:

The application fails to properly check whether the user has administrator privileges within the following...

[KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability

BugTraq Latest Security Advisories - June 24, 2016 - 7:06am

Posted by Egidio Romano on Jun 24

------------------------------------------------------------------------------
SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability
------------------------------------------------------------------------------

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.23 CE and prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the...

Bugtraq: [ERPSCAN-16-018] SAP Application server for Java - DoS vulnerability


Bugtraq: [ERPSCAN-16-017] SAP JAVA AS icman - DoS vulnerability


next-20160624: linux-next

Linux Kernel Updates - June 24, 2016 - 1:52am
Version: next-20160624 (linux-next) | Released: 2016-06-24

next-20160623: linux-next

Linux Kernel Updates - June 23, 2016 - 2:00am
Version: next-20160623 (linux-next) | Released: 2016-06-23

3.18.36: longterm

Linux Kernel Updates - June 22, 2016 - 11:03pm
Version: 3.18.36 (longterm) | Released: 2016-06-23 | Source: linux-3.18.36.tar.xz | PGP Signature: linux-3.18.36.tar.sign | Patch: patch-3.18.36.xz (Incremental) | ChangeLog: ChangeLog-3.18.36

4.1.27: longterm

Linux Kernel Updates - June 22, 2016 - 11:01pm
Version: 4.1.27 (longterm) | Released: 2016-06-23 | Source: linux-4.1.27.tar.xz | PGP Signature: linux-4.1.27.tar.sign | Patch: patch-4.1.27.xz (Incremental) | ChangeLog: ChangeLog-4.1.27