979 matches found

seebug.org
added 2014/07/01 12:0 a.m. | 35 views

Openconstructor CMS 3.12.0 'id' Parameter Multiple SQL Injection

No description provided by source. Title: Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities Affected Software: http://www.openconstructor.org/ http://code.google.com/p/openconstructor/downloads/list...

CVSS 6.5 | AI score 0.5 | EPSS 0.00938
Exploits 6

Tenable Nessus
added 2014/03/10 12:0 a.m. | 34 views

Fedora 20 : php-5.5.10-1.fc20 (2014-3534)

Excerpt from upstream NEWS: 06 Mar 2014, PHP 5.5.10 Core : - Fixed Request 66574i Allow multiple paths in phpiniscannedpath. Remi Date : - Fixed bug 45528 Allow the DateTimeZone constructor to accept timezones per offset too. Derick Fileinfo : - Fixed bug 66731 file: infinite recursion...

CVSS 5 | AI score 8 | EPSS 0.30772
Exploits 1 | References 5

RedHat Linux
added 2013/10/23 4:26 p.m. | 4 views

OpenJDK: getEnclosing* checks (Libraries, 8007812)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

CVSS 5 | AI score 6.8 | EPSS 0.03853
Exploits 0 | References 5

RedHat Linux
added 2013/10/23 4:26 p.m. | 3 views

OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

CVSS 10 | AI score 7.4 | EPSS 0.01371
Exploits 0 | References 5

RedHat Linux
added 2013/10/23 4:26 p.m. | 1 views

OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

CVSS 10 | AI score 7.4 | EPSS 0.01371
Exploits 0 | References 5

Tenable Nessus
added 2013/09/04 12:0 a.m. | 45 views

Amazon Linux AMI : perl (ALAS-2011-19)

A heap-based buffer overflow flaw was found in the way Perl decoded Unicode strings. An attacker could create a malicious Unicode string that, when decoded by a Perl program, would cause the program to crash or, potentially, execute arbitrary code with the permissions of the user running the...

CVSS 7.5 | AI score 8.8 | EPSS 0.09609
Exploits 2 | References 3

RedHat Linux
added 2013/07/03 5:4 p.m. | 4 views

OpenJDK: getEnclosing* checks (Libraries, 8007812)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

CVSS 5 | AI score 6.8 | EPSS 0.03853
Exploits 0 | References 5

OpenVAS
added 2013/06/18 12:0 a.m. | 25 views

Fedora Update for ktuberling FEDORA-2013-10182

Check for the Version of ktuberling OpenVAS Vulnerability Test Fedora Update for ktuberling FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

AI score 9.2 | EPSS 0.00119
Exploits 1 | References 2

Fedora
added 2013/06/16 5:41 a.m. | 15 views

[SECURITY] Fedora 17 Update: ktuberling-4.10.4-1.fc17

KTuberling a simple constructor game suitable for children and adults alike. The idea of the game is based around a once popular doll making concept. A potato was decorated with various small artifacts to make it look more like a tiny person. KTuberling however, goes much further in terms of...

CVSS 8.4 | AI score 1.5 | EPSS 0.00119
Exploits 1

OpenVAS
added 2013/06/13 12:0 a.m. | 11 views

Fedora Update for ktuberling FEDORA-2013-10130

Check for the Version of ktuberling OpenVAS Vulnerability Test Fedora Update for ktuberling FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

AI score 9.2 | EPSS 0.00119
Exploits 1 | References 2

Fedora
added 2013/06/12 2:34 a.m. | 18 views

[SECURITY] Fedora 18 Update: ktuberling-4.10.4-1.fc18

KTuberling a simple constructor game suitable for children and adults alike. The idea of the game is based around a once popular doll making concept. A potato was decorated with various small artifacts to make it look more like a tiny person. KTuberling however, goes much further in terms of...

CVSS 8.4 | AI score 1.5 | EPSS 0.00119
Exploits 1

OPENSUSE Linux
added 2013/06/10 5:12 p.m. | 33 views

MozillaThunderbird: update to 17.0.6 (important)

MozillaThunderbird was updated to security update Thunderbird 17.0.6 bnc819204: MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free wit...

CVSS 10 | AI score 2.7 | EPSS 0.21901
Exploits 5 | References 1

Fedora
added 2013/06/07 4:46 a.m. | 18 views

[SECURITY] Fedora 19 Update: ktuberling-4.10.4-1.fc19

KTuberling a simple constructor game suitable for children and adults alike. The idea of the game is based around a once popular doll making concept. A potato was decorated with various small artifacts to make it look more like a tiny person. KTuberling however, goes much further in terms of...

CVSS 8.4 | AI score 1.5 | EPSS 0.00119
Exploits 1

Tenable Nessus
added 2013/05/16 12:0 a.m. | 25 views

Firefox < 21.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 21.0 and is, therefore, potentially affected by multiple vulnerabilities : - Various memory safety issues exist. CVE-2013-0801, CVE-2013-1669 - It is possible to call a content level constructor that allows for the constructor to have chrome...

CVSS 10 | AI score 7.2 | EPSS 0.21901
Exploits 6 | References 23

Mozilla
added 2013/05/14 12:0 a.m. | 44 views

Privileged access for content level constructor — Mozilla

Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged access. This affects chrome object wrappers COW and allows for write actions on objects when only read actions should be allowed. This can lead to...

CVSS 4.3 | AI score 7.8 | EPSS 0.21901
Exploits 4 | References 2 | Affected Software 4

Atlassian
added 2013/03/20 6:9 a.m. | 18 views

Custom Seraph Authenticators broken in Confluence 5.0

The constructor signature of com.atlassian.confluence.event.events.security.LoginEvent changed between Confluence 4.3.x and 5.0 - an additional String parameter was added to the constructor. From this: code public LoginEventObject src, String username, String sessionId, String remoteHost, String...

AI score 2.1
Exploits 0

Atlassian
added 2013/03/20 6:9 a.m. | 19 views

Custom Seraph Authenticators broken in Confluence 5.0

The constructor signature of com.atlassian.confluence.event.events.security.LoginEvent changed between Confluence 4.3.x and 5.0 - an additional String parameter was added to the constructor. From this: code public LoginEventObject src, String username, String sessionId, String remoteHost, String...

AI score 2.1
Exploits 0 | Affected Software 1

Atlassian
added 2013/03/20 6:9 a.m. | 26 views

Custom Seraph Authenticators broken in Confluence 5.0

The constructor signature of com.atlassian.confluence.event.events.security.LoginEvent changed between Confluence 4.3.x and 5.0 - an additional String parameter was added to the constructor. From this: code public LoginEventObject src, String username, String sessionId, String remoteHost, String...

AI score 2.1
Exploits 0 | Affected Software 1

RedHat Linux
added 2013/03/11 6:47 p.m. | 2 views

OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

CVSS 10 | AI score 7.4 | EPSS 0.01371
Exploits 0 | References 5

Tenable Nessus
added 2013/02/12 12:0 a.m. | 36 views

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...

CVSS 10 | AI score 7.4 | EPSS 0.0155
Exploits 2 | References 19