Red Hat Security Advisory 2016-1776-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.
49fb553f781a4fb3768e1f5965572b0d7f7c4362a804c7d52fefa6aacf26bdf1DataLife Engine versions 11.1 and below suffer from a cross site scripting vulnerability.
ea889cf18fd2c4e8f46edc59936b5c7c8def113b7e7918f531a75da94518c057NECROSOFT NScan versions 0.9.1 and below suffer from a buffer overflow vulnerability.
0c0c6731dc34e16d35ec2d207c6197db9c5be8331353a3a8c6257f5e54646161Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.
361c1123ace8457b032976f9819e01dfb15f1be1dc563f1039b2e802472f702eDebian Linux Security Advisory 3654-1 - Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing daemon.
25c09a37562c4b6e5388e52d121a5fd6c975e1347392e663a3722c450e2bd3cbDebian Linux Security Advisory 3652-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed.
86f82123fa7a7dda6e9bf4a697f83c57a7e7b708b8514ad9004f3b0ba28ee0daKV Site Admin CMS version 3.0 suffers from a remote SQL injection vulnerability.
e2edc690815f4a0488318af7e248e94042a11e27d906f77dd7b62ffdf5f000b4Zarafe CMS version 1.0 suffers from a cross site request forgery vulnerability.
f2bff0f6462a7731609e0c8c5f2e2a5d11fbfd2f8785259a9054797a28039b0eZarafe CMS version 1.0 suffers from a cross site scripting vulnerability.
2c212b74dba952a9eba9c5eb7fef6a80390e117af9f21b2c278a69698498548aApple's libc security update for OS X El Capitan version 10.11.2 has an incomplete fix.
1e5f9c6d0b83d92011bbf4e96ebccd3cac5637b6b7ee38f795eecf2e67ee7819Hotspot Shield suffers from a dll hijacking vulnerability.
734e59498529f65dd47e43719644d5b17369a52c20a7f1c17a1f20a1aa204c6bE-Cidade versions 2.3.52 and below suffer from a directory traversal vulnerability.
7b167d8f8cbd06850269418cacdf6e513f979f6bc3e07c7a71ed0b2bb930fb60
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed