Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update
Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...
libguestfs security, bug fix, and enhancement update
1:1.20.11-2 - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 1:1.20.11-1 - Rebase to libguestfs 1.20.11. resolves: rhbz958183 - Remove buildnet: builds now detect network automatically. - The rhel-6.x branches containing the patches...
[SECURITY] Fedora 20 Update: mantis-1.2.15-3.fc20
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis When t...
[SECURITY] Fedora 19 Update: mantis-1.2.15-3.fc19
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.15...
[Hashcat v0.46] Multi-Threaded Password Hash Cracking Tool
hashcat claims to be the world’s fastest CPU-based password recovery tool. While not as fast as GPU-powered hash brute forcing like CUDA-Multiforcer, it is still pretty fast. hashcat was written somewhere in the middle of 2009. Yes, there were already close-to-perfect working tools supporting...
[SECURITY] Fedora 20 Update: wireshark-1.10.3-3.fc20
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
CA20131024-01: Security Notice for CA SiteMinder
Issued: October 24, 2013. CA Technologies Support is alerting customers to a potential vulnerability in CA SiteMinder that can be mitigated by utilizing existing product functionality. The vulnerability,...
Doconfiguretheme action accessible to non-administrative users
The doconfiguretheme action allows for configuration of the Documentation theme for Confluence. This action is defined in two namespaces, one of which is accessible by any user of Confluence including anonymous users, if anonymous use of Confluence is allowed. If this action is executed with no...
CVE-2011-4383
...
CVE-2013-5750: Security issue in FOSUserBundle login form
Django recently released a new version of their framework to address a possible DOS attack when an attacker uses a very long password on a login form. One of the best practices for passwords is to store a hash of the password instead of the raw value. In Symfony, the encoders are responsible for...
NETELLER Direct Payment API is not vulnerable to reported parameter manipulation
Overview NETELLER Direct Payment API version 4.1.6 and possibly earlier versions were reported to be vulnerable to parameter manipulation via a modified HTTP POST request. After further analysis and discussion with NETELLER, this report was found to be incorrect. The NETELLER Direct Payment API i...
Implement clickjacking protection on https://answers.atlassian.com/
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-46884. We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to...
Implement clickjacking protection on https://answers.atlassian.com/
NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report: http://jira.atlassian.com/browse/CONFSERVER-46884. We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to...
Fedora Update for wireshark FEDORA-2013-16696
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2013-16696 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for wireshark FEDORA-2013-16362
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2013-16362 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
getRedirect in JiraWebActionSupport redirects to unsafe URLs by default
In jira-components/jira-api/src/main/java/com/atlassian/jira/web/action/JiraWebActionSupport.java the following code is found: code:java / Redirects to the value of @code getReturnUrl, falling back to @code defaultUrl if the @code returnUrl is not set. This method clears the @code returnUrl. If...
[SECURITY] Fedora 19 Update: drupal7-theme-zen-5.4-1.fc19
Zen is a powerful, yet simple, HTML5 starting theme with a responsive, mobile-first grid design. If you are building your own standards-compliant theme, you will find it much easier to start with Zen than to start with Garland or Stark. This theme has fantastic online documentation...
[SECURITY] Fedora 18 Update: drupal7-theme-zen-5.4-1.fc18
Zen is a powerful, yet simple, HTML5 starting theme with a responsive, mobile-first grid design. If you are building your own standards-compliant theme, you will find it much easier to start with Zen than to start with Garland or Stark. This theme has fantastic online documentation...