[SECURITY] Fedora 21 Update: claws-mail-plugins-3.11.1-1.fc21
Additional plugins for Claws Mail...
[SECURITY] Fedora 21 Update: pidgin-2.10.10-2.fc21
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
[SECURITY] Fedora 20 Update: claws-mail-plugins-3.11.1-1.fc20
Additional plugins for Claws Mail...
CVE-2014-7176
SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobaltxt parameter to plugins/docman...
Sql injection
SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobaltxt parameter to plugins/docman...
SuSE 11.3 Security Update : nagios-plugins (SAT Patch Number 9830)
This security update fixes the following issues: - Removed the requirement for root access from plugins-root/checkicmp.c and plugins-root/checkicmp.c. The necessary capabilities(7) were added to the README file. - Fixed array out of bounds issue in plugins-root/checkdhcp.c...
Web Auditing Framework: GoLismero
GoLismero is an open source framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans. Features: Real platform independence. Tested on Windows, Linux, BSD and OS X. No native library dependencies. All of the framework has bee...
Sql injection
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitrary SQL commands via the userid parameter to plugins/webform/new-form.php, which is not properly handled by plugins/useradmin/fingeruser.php...
CVE-2014-3667
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code...
CVE-2014-2576
plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks...
Twiki Perl 4.x, 5.x, 6.x Upload Bypass / Code Execution Vulnerabilities
The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution, and these versions suffer from a file upload bypass vulnerability. This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code execution...
[SECURITY] Fedora 20 Update: digikam-4.3.0-2.fc20
digiKam is an easy to use and powerful digital photo management application, which makes importing, organizing and manipulating digital photos a "snap". An easy to use interface is provided to connect to your digital camera, preview the images and download and/or delete them. digiKam built-in ima...
[SECURITY] Fedora 20 Update: libkipi-4.14.1-1.fc20
Kipi (KDE Image Plugin Interface) is an effort to develop a common plugin structure for Digikam, Gwenview, etc. Its aim is to share image plugins among graphic applications...
[SECURITY] Fedora 20 Update: kdegraphics-mobipocket-4.14.1-1.fc20
A collection of plugins to handle mobipocket files...
Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability
No description provided by source. Exploit Title : Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability Author : Hannaichi @dntkun Date : February 5th, 2014 Type : php, html, htm, asp, etc. Category : Web Applications Vulnerability : Unauthenticated...
WPHardening - WPHardening fortification is a security tool for WordPress
WPHardening is a security tool for WordPress. Different tools to harden WordPress. Usage $ python wphardening.py -h Options: --version show program's version number and exit -h, --help show this help message and exit -v, --verbose Active verbose mode output results --update Check for WPHardeni...
Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability Author : Hannaichi @dntkun Date : February 5th, 2014 Type : php, html, htm, asp, etc. Category : Web Applications Vulnerability :...
CSRF, XSS Vulnerabilities Afflict Wordpress Plugins
A smattering of bugs, mostly cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities, have been plaguing at least eight different WordPress plugins as of late. A security researcher going by the pseudonym Voxel@Night published on Monday information regarding the...
[SECURITY] Fedora 20 Update: wireshark-1.10.9-1.fc20
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...