
4411 matches found

exploitpack
added 2015/06/16 12:0 a.m., 45 views

TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection

TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database. Details...

CVSS 6, AI score 0.2, EPSS 0.02459
Exploits: 5

NVD
added 2015/06/15 2:59 p.m., 16 views

CVE-2015-4370

Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...

CVSS 3.5, AI score 5.3, EPSS 0.00965
Exploits: 0, References: 4

Prion
added 2015/06/15 2:59 p.m., 8 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...

CVSS 3.5, AI score 5.7, EPSS 0.00965
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2015/06/15 2:0 p.m., 20 views

CVE-2015-4370

Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms...

AI score 5.3, EPSS 0.00965
Exploits: 0, References: 4

CVE
added 2015/06/15 2:0 p.m., 34 views

CVE-2015-4370

CVE-2015-4370 is an XSS vulnerability in the Drupal Site Documentation module (6.x-1.x) prior to 6.x-1.5. Root cause: insufficient sanitization of user-supplied text on certain pages, exploitable by remote authenticated users with permission to create/edit taxonomy terms. Impact: arbitrary script/HTML injection...

CVSS 3.5, AI score 5.4, EPSS 0.00965
Exploits: 0, References: 4, Affected Software: 1

ThreatPost
added 2015/06/04 11:41 a.m., 10 views

Author Behind Ransomware Tox Calls it Quits, Sells Platform

Earlier this week, when the author behind the crypto-ransomware Locker apologized and released decryption keys for his victims, it seemed like a change of heart, uncharacteristic for an attacker. Now another ransomware creator has also decided to cut his losses and get out of the game – but not...

AI score 7.3
Exploits: 0, References: 5

BDU FSTEC
added 2015/06/01 12:0 a.m., 5 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-doc-2.6.32 package of the Red Hat Enterprise Linux operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVSS 10, AI score 6.5, EPSS 0.0523
Exploits: 1, References: 3

Tenable Nessus
added 2015/05/20 12:0 a.m., 26 views

SUSE SLED12 / SLES12 Security Update : webkitgtk (SUSE-SU-2015:0688-1)

This update fixes the following security issues : - Fix SSL connection issues with some websites after the POODLE vulnerability fix. - Fix a crash when loading flash plugins. - Fix build on GNU Hurd - Fix build on OS X. - Fix documentation of webkitprintoperationgetpagesetup. - Security fixes:...

CVSS 7.5, AI score 7.7, EPSS 0.02762
Exploits: 0, References: 23

Fedora
added 2015/05/12 8:38 p.m., 13 views

[SECURITY] Fedora 21 Update: texlive-2014-7.1.20140525_r34255.fc21

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

AI score 2.1
Exploits: 0

securityvulns
added 2015/05/12 12:0 a.m., 48 views

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation. Radjnies Bhansingh, March 2014...

AI score 0.5
Exploits: 0

securityvulns
added 2015/05/12 12:0 a.m., 86 views

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation

Reflected Cross-Site Scripting vulnerability in asdoc generated documentation. Radjnies Bhansingh, March 2014...

AI score 0.5
Exploits: 0

securityvulns
added 2015/05/11 12:0 a.m., 32 views

ESA-2015-078: RSA® Identity Management and Governance (IMG) Insecure Password Reset Vulnerability

ESA-2015-078: RSA® Identity Management and Governance (IMG) Insecure Password Reset Vulnerability. EMC Identifier: ESA-2015-078. CVE Identifier: CVE-2015-0532. Severity Rating: CVSSv2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C). Affected Products: - RSA...

CVSS 7.5, AI score 0.1, EPSS 0.02668
Exploits: 0

Fedora
added 2015/05/10 11:38 p.m., 16 views

[SECURITY] Fedora 22 Update: texlive-2014-8.20140525_r34255.fc22

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

AI score 2.1
Exploits: 0

Fedora
added 2015/04/30 11:48 a.m., 31 views

[SECURITY] Fedora 21 Update: mailman-2.1.20-1.fc21

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

CVSS 7.6, AI score 0.4, EPSS 0.07964
Exploits: 1

Fedora
added 2015/04/28 1:1 p.m., 47 views

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21

The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

CVSS 7.5, AI score 1.3, EPSS 0.7809
Exploits: 3

Tenable Nessus
added 2015/04/28 12:0 a.m., 35 views

Fedora 20 : zarafa-7.1.12-1.fc20 (2015-5864)

Zarafa Collaboration Platform 7.1.12 final 48726 - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...

CVSS 5, AI score 5.8, EPSS 0.03355
Exploits: 1, References: 3

Tenable Nessus
added 2015/04/28 12:0 a.m., 49 views

Fedora 21 : zarafa-7.1.12-1.fc21 (2015-5823)

Zarafa Collaboration Platform 7.1.12 final 48726 - ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option - ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions - ZCP-10578: missing...

CVSS 5, AI score 5.8, EPSS 0.03355
Exploits: 1, References: 3

BDU FSTEC
added 2015/04/28 12:0 a.m., 4 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the lesstif-doc package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVSS 7.5, AI score 7.1, EPSS 0.08052
Exploits: 2, References: 5, Affected Software: 1

BDU FSTEC
added 2015/04/28 12:0 a.m., 3 views

Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The kernel-doc-2.4.9 package of the Red Hat Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVSS 7.5, AI score 5.5, EPSS 0.04894
Exploits: 6, References: 9, Affected Software: 1

BDU FSTEC
added 2015/04/28 12:0 a.m., 4 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the krb5-doc package in the SUSE Linux Enterprise operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely by a malicious individual who has completed the...

CVSS 8.5, AI score 6.8, EPSS 0.08085
Exploits: 0, References: 2