Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:011)

Multiple vulnerabilities has been discovered and corrected in java-1.7.0-openjdk : An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java applicatio...

[Pinpoint] Enumerates WebPage Components to help identify the Infected Files

Pinpoint works like wget/curl in that it just fetches a webpage without rendering any script. Pinpoint will then try to determine which links are used to make up the webpage such as Javascript, CSS, frames, and iframes and downloads those files too some Javascript content will produce incorrect...

Fedora Update for python-setuptools FEDORA-2013-23141

Check for the Version of python-setuptools OpenVAS Vulnerability Test Fedora Update for python-setuptools FEDORA-2013-23141 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for python-setuptools FEDORA-2013-23140

Check for the Version of python-setuptools OpenVAS Vulnerability Test Fedora Update for python-setuptools FEDORA-2013-23140 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

[SECURITY] Fedora 19 Update: python-setuptools-0.6.49-1.fc19

Setuptools is a collection of enhancements to the Python distutils that all ow you to more easily build and distribute Python packages, especially ones th at have dependencies on other packages. This package contains the runtime components of setuptools, necessary to execute the software that...

CVE-2013-6987

Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager DSM before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary files via a .. dot dot in the 1 path parameter to filedelete.cgi or 2 folderpath parameter to...

Microsoft Exchange Server multiple security vulnerabilities

Machine authentication check code execution, crossite scripting, Oracle components code execution...

[SECURITY] Fedora 18 Update: php-symfony2-HttpKernel-2.2.10-1.fc18

HttpKernel provides the building blocks to create flexible and fast HTTP-based frameworks. It takes a Request as an input and should return a Response as an output. Using this interface makes your code compatible with all frameworks using the Symfony2 components. And this will give you many cool...

CVE-2013-6910

Cross-site scripting XSS vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

RHEL 6 : java-1.6.0-openjdk (RHSA-2013:1505)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1505 advisory. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple inp...

Joomla! -- Core XSS Vulnerabilities

The JSST and the Joomla! Security Center report: 20131101 Core XSS Vulnerability Inadequate filtering leads to XSS vulnerability in comcontact. 20131102 Core XSS Vulnerability Inadequate filtering leads to XSS vulnerability in comcontact, comweblinks, comnewsfeeds. 20131103 Core XSS Vulnerability...

Debian DSA-2786-1 : icu - several vulnerabilities

The Google Chrome Security Team discovered two issues a race condition and a use-after-free issue in the International Components for Unicode ICU library. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...

Fedora Update for libgpg-error FEDORA-2013-18814

Check for the Version of libgpg-error OpenVAS Vulnerability Test Fedora Update for libgpg-error FEDORA-2013-18814 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Debian DSA-2785-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. - CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. - CVE-2013-2908 Chamal de Silva discovered an address bar...

[SECURITY] Fedora 18 Update: libgpg-error-1.11-1.fc18

This is a library that defines common error values for all GnuPG components. Among these are GPG, GPGSM, GPGME, GPG-Agent, libgcrypt, pinentry, SmartCard Daemon and possibly more in the future...

Debian: Security Advisory (DSA-2786-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mac OS X < 10.9 Multiple Vulnerabilities

Binary data 8040.prm...

OpenJDK: MediaTracker created Component instances with unnecessary privileges (Swing, 7020198)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availabili...

Cisco Unified Computing System Fabric Interconnect Denial of Service Vulnerability

A vulnerability in the fabric interconnect of Cisco Unified Computing System could allow an authenticated, local attacker to cause a denial of service DoS condition. The vulnerability is due to improper filtering of user-supplied parameters. An attacker could exploit this vulnerability by executi...

CVE-2013-5789

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787,...