Soundy Background Music XSS Vulnerability
2016-03-12 Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE #Product : Soundy Background Music #Exploit Author : Rahul Pratap Singh #Version : 3.1 #Home page Link : https://wordpress.org/plugins/soundy-background-music/ #Website : 0x62626262.wordpress.com #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 #Date : 12/3/2016 XSS Vu

WebKitGTK+ Security Advisory WSA-2016-0002
2016-03-11 Carlos Alberto Lopez Perez (clopez igalia com)

DW Question Answer Stored XSS Vulnerability
2016-03-11 Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE #Product : DW Question Answer #Exploit Author : Rahul Pratap Singh #Version : 1.4.2.2 #Home page Link : https://wordpress.org/plugins/dw-question-answer/ #Website : 0x62626262.wordpress.com #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 #Date : 11/3/2016 XSS Vulnerab

[slackware-security] openssh (SSA:2016-070-01)
2016-03-11 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssh (SSA:2016-070-01) New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+

oss-2016-18: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-18 Linux ati_remote2 multiple Nullpointer Dereferences Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Multiple Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel

oss-2016-17: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-17 Linux snd-usb-audio Multiple Free Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes (multiple free) o

oss-2016-16: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-16 Linux snd-usb-audio Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on inval

oss-2016-15: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-15 Linux iowarrior Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid

oss-2016-14: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (gtco driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-10 Linux visor (treo_attach) Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: CVE-2016-2782 CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on in

oss-2016-13: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver)
2016-03-10 Ralf Spenneberg (info os-t de)
OS-S Security Advisory 2016-13 Linux powermate Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) Title: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid

[SECURITY] [DSA 3513-1] chromium-browser security update
2016-03-10 Michael Gilbert (mgilbert debian org)

[ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking
2016-03-10 Christopher Shannon (christopher l shannon gmail com)
The following security vulnerability was reported against Apache ActiveMQ 5.13.1 and older versions. Please check the following document and see if you're affected by the issue. http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt Apache ActiveMQ 5.13.2 and newer

[ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
2016-03-10 Christopher Shannon (christopher l shannon gmail com)
The following security vulnerability was reported against Apache ActiveMQ 5.13.0 and older versions. Please check the following document and see if you're affected by the issue. http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt Apache ActiveMQ 5.13.1 and newer

FreeBSD Security Advisory FreeBSD-SA-16:12.openssl
2016-03-10 FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-16:13.bind
2016-03-10 FreeBSD Security Advisories (security-advisories freebsd org)

[slackware-security] mozilla-nss (SSA:2016-069-02)
2016-03-10 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-nss (SSA:2016-069-02) New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/pa

[slackware-security] bind (SSA:2016-069-01)
2016-03-10 Slackware Security Team (security slackware com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2016-069-01) New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patch

Microsoft Edge CDOMTextNode::get_data type confusion
2016-03-11 Berend-Jan Wever (berendjanwever gmail com)
Hey, Last Tuesday, Microsoft fixed a security issue in Microsoft Edge that I was aware of, but had not had time to report. (i.e. I was waiting for vulnerability contributor programs to look over my analysis and make me an offer for the information). Since this issue has been fixed, I have published

[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9
2016-03-10 Security Explorations (contact security-explorations com)
Hello All, On Mar 07, 2016 Security Explorations modified its Disclosure Policy [1]. As a result, we do not tolerate broken fixes any more. If an instance of a broken fix for a vulnerability we already reported to the vendor is encountered, it gets disclosed by us without any prior notice. The ve

[CORE-2016-0003] - Samsung SW Update Tool MiTM
2016-03-09 CORE Advisories Team (advisories coresecurity com)
1. Advisory Information Title: Samsung SW Update Tool MiTM Advisory ID: CORE-2016-0003 Advisory URL: http://www.coresecurity.com/advisories/samsung-sw-update-tool-mitm Date published: 2016-03-07 Date of last update: 2016-03-04 Vendors contacted: Samsung Release mode: Coordinated release 2. Vulnera

Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability
2016-03-09 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Advisory ID: cisco-sa-20160309-csc Revision 1.0 For Public Release 2016 March 09 16:00 GMT (UTC) +---------------------------

[CORE-2016-0004] - SAP Download Manager Password Weak Encryption
2016-03-09 CORE Advisories Team (advisories coresecurity com)
1. Advisory Information Title: SAP Download Manager Password Weak Encryption Advisory ID: CORE-2016-0004 Advisory URL: http://www.coresecurity.com/advisories/sap-download-manager-password-weak-encryption Date published: 2016-03-08 Date of last update: 2016-03-07 Vendors contacted: SAP Release mode:

Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr"
2016-03-09 X41 D-Sec GmbH Advisories (advisories x41-dsec de)
X41 D-Sec GmbH Security Advisory: X41-2016-001 Memory Corruption Vulnerability in "libotr" =========================================== Overview -------- Severity Rating: high Confirmed Affected Version: 4.1.0 and below Confirmed Patched Version: libotr 4.1.1 Vendor: OTR Development Team Vendor UR
Hash: SHA256
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3516-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
March 13, 2016