[SECURITY] Fedora 22 Update: ikiwiki-3.20150329-1.fc22
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable for publishing on a website. Ikiwiki stores pages and history in a revision control system such as Subversion or Git. There are many other features, including support for blogging, as well as a large array of plugins...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the gstreamer0.10-plugins-good package of the Debian GNU/Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The gstreamer0.10-plugins-bad-dbg package on the Debian GNU/Linux operating system has multiple vulnerabilities. Exploiting these vulnerabilities may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the gstreamer0.10-plugins-bad package of the Debian GNU/Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information
The vulnerability of the kdegraphics-kfile-plugins package up to version 3.5.5-r1 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the gstreamer0.10-plugins-good-doc package for the Debian GNU/Linux operating system. Exploitation of these vulnerabilities may lead to violations of the confidentiality, integrity, and accessibility of protected information. Vulnerabilities can be exploited...
elasticsearch -- directory traversal attack with site plugins
Elastic reports: Vulnerability Summary: All Elasticsearch versions prior to 1.5.2 and 1.4.5 are vulnerable to a directory traversal attack that allows an attacker to retrieve files from the server running Elasticsearch when one or more site plugins are installed, or when Windows is the server OS...
SUSE-SU-2015:0942-1 Security update for gstreamer-0_10-plugins-bad
gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559, CVE-2015-0797)...
MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...
MobaXterm is your ultimate toolbox for remote computing. In a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all...
KLA10554 Denial of service vulnerability in Mozilla Firefox
A race condition was found in Mozilla Firefox. By exploiting this vulnerability, malicious users can cause denial of service or other unknown impact. This vulnerability can be exploited remotely via unknown vectors related to plugins. Original advisories MFSA Related products Mozilla-Firefox CVE...
Multiple iThemes plugins, themes and add-ons - XSS via add_query_arg() and remove_query_arg()
...
Lynis 2.1.0 - Security Auditing Tool for Unix/Linux Systems
Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...
[SECURITY] Fedora 20 Update: owncloud-7.0.5-2.fc20
ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. ownCloud is extendable via a simple but powerful API f...
Debian DSA-3225-1 : gst-plugins-bad0.10 - security update
Aki Helin discovered a buffer overflow in the GStreamer plugin for MP4 playback, which could lead to the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3225...
Google Shuts Off NPAPI in Chrome
With the release of Chrome 42 this week, Google fixed more than 40 vulnerabilities. But the most significant security change in the new browser is Google’s decision to disable the NPAPI, essentially turning off plugins such as Java and Silverlight by default. The decision didn’t come out of...
Own a WordPress Website? ISIS is After You — FBI warns
If you run a self-hosted WordPress website, then you must beware: "ISIS is after you." Yes, you heard right. The United States Federal Bureau of Investigation (FBI) is warning WordPress users to patch vulnerable plugins for the popular content management system before ISIS exploits them to display...
[SECURITY] Fedora 21 Update: drupal7-ctools-1.7-1.fc21
This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pages. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it includ...
Tomcat/JBossWeb: XML parser hijack by malicious web application
It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by JBoss Web / Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML...
CVE-2015-2172
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API...