7972 matches found
CVE-2014-2334
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...
Debian DSA-3050-1 : iceweasel - security update
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, the bypass of the same-origi...
[SECURITY] [DSA 3050-1] iceweasel security update
Debian Security Advisory DSA-3050-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 15, 2014 http://www.debian.org/security/faq -...
DSA-3050-1 iceweasel - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3050-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.9.1-1.fc21
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
[SECURITY] [DSA 3046-1] mediawiki security update
Debian Security Advisory DSA-3046-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 05, 2014 http://www.debian.org/security/faq -...
Moderate: Red Hat Security Advisory: python-django-horizon security and bug fix update
Updated python-django-horizon packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scori...
CVE-2014-4819
The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page...
Riverbed SteelApp (Stingray) Traffic Manager < 9.7 Multiple XSS
The remote host is a Riverbed SteelApp (formerly known as Stingray) Traffic Manager running a version of the web user interface prior to 9.7. It is, therefore, affected by multiple cross-site scripting vulnerabilities in the 'locallog.cgi' script due to improper validation of user-supplied input to...
Windows 9 Start Menu Demo Video Leaked Online
After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9, aka "Threshold," features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture, posted 20 screenshots on...
Innovaphone PBX Admin-GUI - CSRF Vulnerability
Exploit for multiple platform in category web applications Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...
Android Side-Channel Hack Leads to Data Loss at USENIX
A weakness in Android, one that’s likely also found in other leading operating systems, allows an attacker to infer what’s happening on a victim’s user interface and launch an appropriate secondary attack resulting in data loss. Researchers from the University of Michigan and the University of...
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX Administration GUI Affected Versions: all known versions teste...
Hacking Gmail App with 92 Percent Success Rate
A group of security researchers has successfully discovered a method to hack into six out of seven popular Smartphone apps, including Gmail across all the three platforms - Android, Windows, and iOS operating systems - with shockingly high success rate of up to 92 percent. Computer scientists the...
[SECURITY] Fedora 20 Update: cinnamon-control-center-2.2.10-1.fc20.1
This package contains configuration utilities for the Cinnamon desktop, which allow to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings...
[SECURITY] Fedora 20 Update: gnome-shell-3.10.4-7.fc20
GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...
[SECURITY] Fedora 20 Update: control-center-3.10.3-2.fc20
This package contains configuration utilities for the GNOME desktop, which allow to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings...
Design/Logic Flaw
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4269...
CVE-2014-4269
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270...