Fedora 25 : kernel (2017-90aaa5bd24)

The 4.10.5 stable kernel update contains a number of important fixes across the tree. ---- The 4.10.4 stable kernel update contains a number of important fixes across the tree. It also reverts CONFIGCFG80211CRDASUPPORT to match the previous 4.9 kernels. ---- The 4.10.3 kernel rebase contains a...

[SECURITY] Fedora 25 Update: rpm-ostree-2017.3-2.fc25

rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...

March 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also...

Design/Logic Flaw

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2017-3325

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: EAI. The supported version that is affected is 16.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require...

CVE-2016-5528

Removed by vendor...

January 2017 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

December 2016 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

Black Hole Exploit Kit Website Redirection

Black Hole Exploit Kit exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Black Hole EK by redirecting them to a malicious web page. Successful infection will allow the attacker to download additional...

September 2016 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

Inteno EG101R1 VoIP Router - DNS Change

Inteno EG101R1 VoIP Router - DNS Change !/bin/bash Inteno EG101R1 VoIP Router Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is...

openSUSE Security Update : OpenJDK7 (openSUSE-2016-982)

Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domains under Javax custom policy - S8148872, CVE-2016-3500:...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)

This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)

This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...

Security update for java-1_7_0-openjdk (important)

This update for java-170-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...

Fedora 23 : drupal7-views (2016-ed5f606dde)

Fixes Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036 Changes since 7.x-3.13 : - Adding field handlers for statistics fields - \2200309 by helmo: Changed invalid placeholder from 'handler' to 'extender'. - \2708535 by stefan.r: Allow users to sort on a specific language, showing it...

[SECURITY] Fedora 24 Update: kf5-knewstuff-5.24.0-1.fc24

KDE Frameworks 5 Tier 3 module for downloading and sharing additional application data like plugins, themes, motives, etc...

June 2016 security update release

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...