
35 matches found

Nuclei
added yesterday | 21 views

WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting

A cross-site scripting vulnerability in js/taloaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the aoid parameter. id: CVE-2013-3526 info: name: WordPress Plugin Traffic Analyzer - 'aoid'...

4.3 CVSS | 5.5 AI score | 0.08185 EPSS
Exploits 1 | References 5

Nuclei
added yesterday | 16 views

WordPress Spreadsheet - Cross-Site Scripting

WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php. id: CVE-2013-6281 info: name: WordPress Spreadsheet - Cross-Site Scripting author: random-robbie severity: medium description: | WordPress Spreadsheet plugin contai...

4.3 CVSS | 5.2 AI score | 0.02858 EPSS
Exploits 1 | References 5

OpenVAS
added 2022/08/26 12:0 a.m. | 25 views

Ubuntu: Security Advisory (USN-2024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2 CVSS | 7 AI score | 0.0062 EPSS
Exploits 3 | References 2

Veracode
added 2019/05/02 5:12 a.m. | 31 views

Denial Of Service (DoS)

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

6.8 CVSS | 10.2 AI score | 0.02136 EPSS
Exploits 0 | References 14 | Affected Software 6

Veracode
added 2019/05/02 5:0 a.m. | 33 views

Heap-based Buffer Over-read

OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or,...

7.5 CVSS | 8.7 AI score | 0.06225 EPSS
Exploits 0 | References 12 | Affected Software 1

Veracode
added 2019/05/02 4:54 a.m. | 39 views

Use-After-Free

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

6.5 CVSS | 7.9 AI score | 0.21901 EPSS
Exploits 5 | References 18 | Affected Software 3

Tenable Nessus
added 2014/02/28 12:0 a.m. | 24 views

CentOS 5 : libtiff (CESA-2014:0223)

Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

9.3 CVSS | 8.7 AI score | 0.18712 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2014/01/24 12:0 a.m. | 43 views

Ubuntu 12.10 / 13.04 / 13.10 : openjdk-7 vulnerabilities (USN-2089-1)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. CVE-2013-3829, CVE-2013-5783, CVE-2013-5804, CVE-2014-0411 Several vulnerabilities were discovered in the...

10 CVSS | 6.7 AI score | 0.17107 EPSS
Exploits 1 | References 46

Ubuntu
added 2014/01/23 8:58 p.m. | 89 views

USN-2089-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. CVE-2013-3829, CVE-2013-5783, CVE-2013-5804, CVE-2014-0411 Several vulnerabilities were discovered in the...

10 CVSS | 6.8 AI score | 0.17107 EPSS
Exploits 1

CVE
added 2014/01/06 11:0 a.m. | 63 views

CVE-2013-6463

Summary. The connected Nessus advisories associate CVEs 2013-7266, -7267, -7268, -7269, -7270, and -7271 with Unity Linux kernel vulnerabilities affecting 20.x releases. The flaws are in the Linux kernel code paths (net/packet/af_packet.c, net/ipx/af_ipx.c, net/appletalk/ddp.c, and other kernel s...

7.7 AI score
Exploits 0

NVD
added 2013/12/13 8:8 p.m. | 12 views

CVE-2013-7095

The XML parser crmflexdata in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue...

10 CVSS | 6.5 AI score | 0.01273 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2013/12/03 12:0 a.m. | 37 views

SuSE 11.2 Security Update : OpenJDK 1.6 (SAT Patch Number 8598)

OpenJDK 1.6 was updated to the new Icedtea release 1.12.7, which includes many fixes for bugs and security issues : - S8006900, CVE-2013-3829: Add new date/time capability - S8008589: Better MBean permission validation - S8011071, CVE-2013-5780: Better crypto provider handling - S8011081,...

10 CVSS | 7 AI score | 0.17107 EPSS
Exploits 0 | References 55

Tenable Nessus
added 2013/11/18 12:0 a.m. | 32 views

Firefox < 25.0.1 NSS and NSPR Multiple Vulnerabilities

The installed version of Firefox is a version prior to 25.0.1 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. CVE-2013-1741 - An error exists in the 'NullCipher'...

7.5 CVSS | 7 AI score | 0.0279 EPSS
Exploits 0 | References 7

OpenVAS
added 2013/10/26 12:0 a.m. | 40 views

Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. CVE-2013-2908 Chamal de Silva discovered an address bar spoofin...

7.5 CVSS | 0.5 AI score | 0.02705 EPSS
Exploits 1 | References 1

CentOS
added 2013/09/17 9:32 p.m. | 66 views

firefox, xulrunner security update

CentOS Errata and Security Advisory CESA-2013:1268 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVS...

10 CVSS | 7.1 AI score | 0.33161 EPSS
Exploits 1 | References 7

Prion
added 2013/09/11 2:3 p.m. | 16 views

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k...

7.2 CVSS | 6.5 AI score | 0.01041 EPSS
Exploits 1 | References 3 | Affected Software 2

Tenable Nessus
added 2013/09/04 12:0 a.m. | 50 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-183)

Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-1569 , CVE-2013-2383 , CVE-2013-2384 Multiple improper permission check issues were...

10 CVSS | 7.7 AI score | 0.93397 EPSS
Exploits 21 | References 23

Tenable Nessus
added 2013/07/26 12:0 a.m. | 39 views

SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)

This update to icedtea-2.4.1 fixes various security issues : - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve...

10 CVSS | 7.5 AI score | 0.9322 EPSS
Exploits 32 | References 61

Tenable Nessus
added 2013/07/17 12:0 a.m. | 33 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : icedtea-web update (USN-1907-2)

USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive...

10 CVSS | 7.7 AI score | 0.9322 EPSS
Exploits 32 | References 31

Tenable Nessus
added 2013/06/27 12:0 a.m. | 29 views

CentOS 5 / 6 : thunderbird (CESA-2013:0982)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

10 CVSS | 8.4 AI score | 0.47055 EPSS
Exploits 9 | References 12