Apple Security Advisory 2014-09-17-1 – iOS 8 is now available and addresses wifi credential interception, identifier disclosure, path traversal, and various other vulnerabilities.
Monthly Archives: September 2014
Red Hat Security Advisory 2014-1256-01
Red Hat Security Advisory 2014-1256-01 – An update for the openssl component for Red Hat JBoss Web Server 2.1.0 that fixes multiple security issues is now available from the Red Hat Customer Portal.
ClassApps SelectSurvey.net 4.124.004 SQL Injection
ClassApps SelectSurvey.net version 4.124.004 suffers from multiple remote SQL injection vulnerabilities.
Drupal Patches XSS Vulnerability in Spam Module
Drupal released an update that patches a moderately critical cross-site scripting vulnerability in its Mollom content and spam moderation module.
Nokia Asha Lock Code Bypass
The Nokia Asha platform suffers from a lock code bypass vulnerability that allows for access to call records.
Livefyre LiveComments 3.0 Cross Site Scripting
Livefyre LiveComments version 3.0 suffers from a persistent cross site scripting vulnerability.
WordPress WP-Ban 1.62 Bypass
WordPress WP-Ban plugin version 1.62 suffers from a bypass vulnerability when a properly minted X-Forwarded-For header is used.
WordPress Login Widget With Shortcode 3.1.1 CSRF / XSS
WordPress Login Widget With Shortcode plugin version 3.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
OsClass 3.4.1 Cross Site Scripting
OsClass version 3.4.1 suffers from multiple cross site scripting vulnerabilities.
OsClass 3.4.1 Local File Inclusion
OsClass version 3.4.1 suffers from a local file inclusion vulnerability.