[SECURITY] Fedora 17 Update: guacamole-ext-0.6.1-2.fc17

Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centraliz ed server acts as a tunnel and proxy, allowing access to multiple desktops thr ough a web browser. No plugins are needed: the client requires nothing...

CVE-2011-5198

SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information...

cumin: authentication bypass flaws

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to 1 "web pages," 2 "export functionality," and 3 "image viewin...

cumin: authentication bypass flaws

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to 1 "web pages," 2 "export functionality," and 3 "image viewin...

FreeBSD Ports: php5

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

bacula -- Console ACL Bypass

A security issue has been reported in Bacula, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to an error within the implementation of console ACLs, which can be exploited to gain access to certain restricted functionality and e....

Slackware Advisory SSA:2005-310-02 KOffice/KWord

The remote host is missing an update as announced via advisory SSA:2005-310-02. OpenVAS Vulnerability Test $Id: esoftslkssa200531002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

[SECURITY] Fedora 16 Update: roundcubemail-0.7.3-1.fc16

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Cross site request forgery (csrf)

The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request...

Ubuntu: Security Advisory (USN-1542-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Cross-site scripting XSS vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field...

databases/postgresql*-server -- multiple vulnerabilities

The PostgreSQL Global Development Group reports: The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and...

Debian DSA-2529-1 : python-django - several vulnerabilities

Jeroen Dekkers and others reported several vulnerabilities in Django, a Python Web framework. The Common Vulnerabilities and Exposures project defines the following issues : - CVE-2012-3442 Two functions do not validate the scheme of a redirect target, which might allow remote attackers to conduc...

Dorifel Malware Encrypts Files, Steals Financial Data, May Be Related to Zeus or Citadel

While much of the world was focused yesterday on the Gauss malware saga, there was another interesting infection happening, mainly in the Netherlands, that researchers think may be related to the Zeus and Citadel attacks, though the motivation behind the attack is somewhat of a mystery. The new...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID ce84e136-e2f6-11e1-a8ca-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID ce84e136-e2f6-11e1-a8ca-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2012-2863

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

Design/Logic Flaw

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...

CVE-2012-2863

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...