Security News

Vuln: JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability

Security Focus Vulnerabilities - 24 December, 2016 - 00:00
JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability

Vuln: Autodesk Design Review CVE-2015-8571 Remote Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 8 December, 2016 - 00:00
Autodesk Design Review CVE-2015-8571 Remote Buffer Overflow Vulnerability

Vuln: mod_nss Module CVE-2015-5244 Security Bypass Vulnerability

Security Focus Vulnerabilities - 14 September, 2016 - 23:00
mod_nss Module CVE-2015-5244 Security Bypass Vulnerability

Bugtraq: [SECURITY] [DSA 3625-1] squid3 security update

Security Focus Vulnerabilities - 19 min 36 sec ago
[SECURITY] [DSA 3625-1] squid3 security update

Bugtraq: Dreammail 5 mail client XSS Vulnerability

Security Focus Vulnerabilities - 19 min 36 sec ago
Dreammail 5 mail client XSS Vulnerability

Bugtraq: [slackware-security] gimp (SSA:2016-203-01)

Security Focus Vulnerabilities - 19 min 36 sec ago
[slackware-security] gimp (SSA:2016-203-01)

Bugtraq: [slackware-security] php (SSA:2016-203-02)

Security Focus Vulnerabilities - 19 min 36 sec ago
[slackware-security] php (SSA:2016-203-02)

Bugtraq: [security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS)

Security Focus Vulnerabilities - 22 July, 2016 - 04:55
[security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS)

[SECURITY] [DSA 3625-1] squid3 security update

Bug Traq - 22 July, 2016 - 04:39

Posted by Sebastien Delafond on Jul 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-3625-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
July 22, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : squid3
CVE ID : CVE-2016-4051 CVE-2016-4052...

Bugtraq: MySQL zero-day vulnerabilities (July 2016 CPU)

Security Focus Vulnerabilities - 22 July, 2016 - 01:40
MySQL zero-day vulnerabilities (July 2016 CPU)

Bugtraq: [SECURITY] [DSA 3624-1] mysql-5.5 security update

Security Focus Vulnerabilities - 22 July, 2016 - 01:40
[SECURITY] [DSA 3624-1] mysql-5.5 security update

Dreammail 5 mail client XSS Vulnerability

Bug Traq - 22 July, 2016 - 01:28

Posted by wwiinngd on Jul 21

Title: Dreammail 5 mail client XSS Vulnerability
Software : Dreammail

Software Version : v5.16

Vendor: www.dreammail.org

Vulnerability Published : 2016-03-21

Author:zhenwei_qi
Email:wwiinngd () gmail com
Impact : Medium(CVSS2 Base : 4.3, AV:N/AC:M/Au:N/C:N/I:P/A:N)

Bug Description :
DreamMail is an email client application, which allows its users to send, receive, and
manage emails.
Dreammail (ver 5.16) may be compromised by...

[slackware-security] gimp (SSA:2016-203-01)

Bug Traq - 22 July, 2016 - 01:15

Posted by Slackware Security Team on Jul 21

[slackware-security] gimp (SSA:2016-203-01)

New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gimp-2.8.18-i586-1_slack14.2.txz: Upgraded.
This release fixes a security issue:
Use-after-free vulnerability in the xcf_load_image function in
app/xcf/xcf-load.c in GIMP allows remote...

[slackware-security] php (SSA:2016-203-02)

Bug Traq - 22 July, 2016 - 01:05

Posted by Slackware Security Team on Jul 21

[slackware-security] php (SSA:2016-203-02)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php-5.6.24-i586-1_slack14.2.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.24...

[security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS)

Bug Traq - 22 July, 2016 - 00:55

Posted by security-alert on Jul 21

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05204371
Version: 1

HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password
Reset Option running Apache Commons FileUpload, Remote Denial of Service
(DoS)

NOTICE: The information in this Security Bulletin...

MySQL zero-day vulnerabilities (July 2016 CPU)

Bug Traq - 22 July, 2016 - 00:48

Posted by lem . nikolas on Jul 21

MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google,
Facebook, Twitter, just to cite a few.

In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to
identify and mitigate those vulnerabilities.

Sincere thanks to Oracle Inc for the prompt response and adequate mitigation to the issues.

You can get a copy of the report...

[SECURITY] [DSA 3624-1] mysql-5.5 security update

Bug Traq - 22 July, 2016 - 00:36

Posted by Salvatore Bonaccorso on Jul 21

-------------------------------------------------------------------------
Debian Security Advisory DSA-3624-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 21, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-5.5
CVE ID : CVE-2016-3477 CVE-2016-3521...

Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products

Bug Traq - 22 July, 2016 - 00:24

Posted by Cisco Systems Product Security Incident Response Team on Jul 21

Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products

Advisory ID: cisco-sa-20160721-asn1c

Revision: 1.0

For Public Release: 2016 July 21 19:00 GMT

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the ASN1C compiler by Objective Systems affects Cisco ASR 5000 devices running StarOS and Cisco
Virtualized Packet Core (VPC) systems. The...

Bugtraq: CVE-2016-5399: php: out-of-bounds write in bzread()

Security Focus Vulnerabilities - 22 July, 2016 - 00:05
CVE-2016-5399: php: out-of-bounds write in bzread()