168 matches found
Moderate: Red Hat Security Advisory: rh-ror41-rubygem-actionview security update
An update for rh-ror41-rubygem-actionview is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
[SECURITY] Fedora 24 Update: flex-2.6.0-2.fc24
The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...
The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.
The vulnerability of the Java Development Kit, related to subcomponents of the application. Exploiting this vulnerability allows a malicious attacker to compromise data confidentiality and integrity by using the JNDI subcomponent...
[SECURITY] Fedora 21 Update: ProDy-1.7.1-1.fc21
ProDy is a free and open-source Python package for protein structure, dynamics, and sequence analysis. It allows for comparative analysis and modeling of protein structural dynamics and sequence co-evolution. Fast and flexible ProDy API is for interactive usage as well as application developmen...
[SECURITY] [DSA 3358-1] php5 security update
Debian Security Advisory DSA-3358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 https://www.debian.org/security/faq -...
[SECURITY] Fedora 22 Update: jython-2.7-0.7.rc2.fc22
Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with...
[SECURITY] Fedora 22 Update: qt5-qtbase-5.4.1-9.fc22
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
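File write in a certain Discuz! tool leads to getshell
Brief description: I'm not going to tell you which tool it is, hmph! (shy) Detailed description: Product name: Discuz! Application Development Assistant. It has a fairly high install count; this analyzes one part of the product that allows getshell. Fill in the create-application form as follows. On creation the entry is stored in the database; go on to the next step. Just enter arbitrary characters in the "普通页面嵌入脚本" (embedded script for ordinary pages) field, e.g. xxx.class.php, then go straight to the next step and export the plugin package. At this point an igetshell directory is generated under /data/develop/, and the xxx.class.php in that directory contains the inserted content. Proof of vulnerability: tested on a randomly picked site, please don't come after me...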
Debian DSA-3008-1 : php5 - security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not...
DSA-3008-1 php5 - security update
Bulletin has no description...
PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
No description provided by source. PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability Vendor: Prado Software Product web page: http://www.pradosoft.com Affected version: 3.2.0 r3169 Summary: PRADO is a component-based and event-driven programming framework for developing Web applications...
[SECURITY] Fedora 19 Update: qt-4.8.6-5.fc19
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
[SECURITY] Fedora 19 Update: qt5-qtbase-5.2.1-8.fc19
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
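SAP Sybase SQL Anywhere OpenSSL TLS Heartbeat Information Disclosure Vulnerability
CVE ID: CVE-2014-0160 SAP Sybase SQL Anywhere is a comprehensive solution that provides data management, synchronization and data exchange technologies for rapidly developing and deploying database-driven applications in remote and mobile environments. The OpenSSL bundled with SAP Sybase SQL Anywhere contains a security vulnerability: a boundary error in OpenSSL's handling of the TLS "heartbeat" extension allows an attacker to obtain up to 64k of memory contents from a connected client or server. The memory may include private keys, usernames, passwords and so on. 0 SAP Sybase SQL Anywhere 12.x SAP Sybase SQL Anywhere 16.x SAP Sybase SQL...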
[SECURITY] Fedora 19 Update: qt-4.8.5-15.fc19
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
[SECURITY] Fedora 20 Update: qt-4.8.5-15.fc20
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
DSA-2742-1 php5 - interpretation conflict
Bulletin has no description...
Google Play Android Apps Must Update in Google Store
The Google Play store has been an Eden for hackers wanting to get malicious code onto Android devices. A number of things made the marketplace too tempting for attackers to resist, including the open source nature of the operating system, lax vetting of developers, and the ability to modify code ...
[SECURITY] Fedora 18 Update: qt-4.8.4-11.fc18
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
DSA-2620-1 rails - several
Bulletin has no description...