MGASA-2014-0521 Updated flash-player-plugin packages fix multiple security vulnerabilities

Adobe Flash Player 11.2.202.425 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution CVE-2014-0587,...

Flash Player <= 15.0.0.239 Multiple Vulnerabilities (APSB14-27)

According to its version, the installation of Adobe Flash Player installed on the remote Windows host is equal or prior to 15.0.0.239. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability that allows an attacker to bypass the same-origin policy...

Flash Player For Mac <= 15.0.0.239 Multiple Vulnerabilities (APSB14-27)

According to its version, the installation of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to 15.0.0.239. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability that allows an attacker to bypass the same-origin policy...

Google Chrome < 39.0.2171.95 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 39.0.2171.95. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability that allows an attacker to bypass the same-origin policy. CVE-2014-0580 - Multiple memory corrupti...

Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20141202)

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593 A flaw was...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20141202)

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593 A...

thunderbird security update

CentOS Errata and Security Advisory CESA-2014:1924 An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...

firefox security update

CentOS Errata and Security Advisory CESA-2014:1919 Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS bas...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

Exploit for php platform in category web applications Product & Service Introduction: =============================== SUPR is a modern and user-friendly system which allows each store very quickly and easily create their own online store. Without installation and own webspace you can begin to...

DEBIAN-CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

Design/Logic Flaw

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVE-2014-3620

The provided connected sources confirm CVE-2014-3620: cURL/libcURL could allow a remote attacker to bypass security restrictions by setting cookies for Top Level Domains (TLDs). Affected are curl/libcurl prior to the fix; the issue enables a cookie to be set for a TLD (for example ".me."), and th...

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

Code injection

Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source...

Mozilla.org Cross Site Scripting

Domains: http://lxr.mozilla.org/ http://mxr.mozilla.org/ The two domains above are almost the same Websites information: lxr.mozilla.org, mxr.mozilla.org are cross references designed to display the Mozilla source code. The sources displayed are those that are currently checked in to the mainline...