Oracle Linux 4 : gstreamer-plugins (ELSA-2011-0477)

From Red Hat Security Advisory 2011:0477 : Updated gstreamer-plugins packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...

Oracle Linux 3 : gstreamer-plugins (ELSA-2009-0269)

From Red Hat Security Advisory 2009:0269 : Updated gstreamer-plugins packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The gstreamer-plugins package contains...

Oracle Linux 4 : gstreamer-plugins (ELSA-2011-1264)

From Red Hat Security Advisory 2011:1264 : Updated gstreamer-plugins packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...

Oracle Linux 5 : gstreamer-plugins-base (ELSA-2009-0352)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-0352 advisory. 0.10.20-3.0.1 - CVE-2009-0586: integer overflow in gstvorbistagaddcoverart 488210 Tenable has extracted the preceding description block directly from the Oracle...

CVE-2013-2201

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

CVE-2013-2201

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

CVE-2013-2201

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

CVE-2013-2201

Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...

Vulnerabilities in multiple plugins for WordPress with VideoJS

Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites...

Solaris 10 (sparc) : 143049-02 (deprecated)

Sun Cluster 3.1: HA-Oracle E-business suite Patch for Solaris 10. Date this patch was last updated by Sun : Feb/03/10 This plugin has been deprecated and either replaced with individual 143049 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...

Debian DSA-2718-1 : wordpress - several vulnerabilities

Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches...

DSA-2718-1 wordpress - several

Bulletin has no description...

Carberp Source Code Leaked

The source code for the Carberp Trojan, which typically sells for $40,000 on the underground, has been leaked and is now available to anyone who wants it. The leak has echoes of the release of the Zeus crimeware source code a couple of years ago and has security researchers concerned that it may...

[SECURITY] Fedora 18 Update: owncloud-4.5.12-1.fc18

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

Popular WordPress Themes, Plug-Ins Vulnerable to Attack

Since late March, no fewer than a half-dozen high profile attacks have involved a compromised website built on the WordPress platform. Attackers abuse vulnerabilities in the content management system’s customizable plug-ins and themes to pull off anything from drive-by downloads to watering hole...

[SECURITY] Fedora 18 Update: kdegraphics-mobipocket-4.10.4-1.fc18

A collection of plugins to handle mobipocket files...

[SECURITY] Fedora 17 Update: nrpe-2.14-3.fc17

Nrpe is a system daemon that will execute various Nagios plugins locally on behalf of a remote monitoring host that uses the checknrpe plugin. Various plugins that can be executed by the daemon are available at: http://sourceforge.net/projects/nagiosplug This package provides the core agent...

spider_man

This plugin is a local proxy that can be used to give the framework knowledge about the web application when it has a lot of client side code like Flash or Java applets. Whenever a w3af needs to test an application with flash or javascript, the user should enable this plugin and use a web browser...

[SECURITY] Fedora 19 Update: nrpe-2.14-3.fc19

Nrpe is a system daemon that will execute various Nagios plugins locally on behalf of a remote monitoring host that uses the checknrpe plugin. Various plugins that can be executed by the daemon are available at: http://sourceforge.net/projects/nagiosplug This package provides the core agent...