HP Security Bulletin HPSBMU03263 1 – Potential security vulnerabilities have been identified with HP Insight Control running OpenSSL. These vulnerabilities include the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption” or “POODLE”, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

HP Security Bulletin HPSBGN03285 1 – Potential security vulnerabilities have been identified with these three packages. These vulnerabilities could be exploited to allow execution of code. HP Operation Agent Virtual Appliance for monitoring VMware vSphere environments (OAVA) HP Virtualization Performance Viewer for monitoring VMware vSphere environments (vPV VA) HP Operations Manager i 10.00 Virtual (OMi VA). Revision 1 of this advisory.

HP Security Bulletin HPSBMU03301 1 – Potential security vulnerabilities have been identified with HP BladeSystem c-Class Onboard Administrator. These vulnerabilities include the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption” or “POODLE”, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

HP Security Bulletin HPSBHF03275 1 – A potential security vulnerability has been identified with HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4). The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

HP Security Bulletin HPSBHF03276 1 – A potential security vulnerability has been identified with HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4). The vulnerability could be exploited remotely resulting in unauthorized access or Denial of Service. Revision 1 of this advisory.

HP Security Bulletin HPSBMU03262 2 – A potential security vulnerability has been identified with the HP Version Control Agent running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption” or “POODLE”, which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited to cause a Denial of Service (Dos). Revision 2 of this advisory.

Red Hat Security Advisory 2015-0719-01 – Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. RichFaces is an open source framework that adds Ajax capability into existing JavaServer Faces applications. It was found that the ‘do’ parameter permitted expression language injection, which could allow a remote attacker to execute Java methods on an affected server.

Red Hat Security Advisory 2015-0720-01 – Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files.

HP Security Bulletin HPSBGN03288 1 – A potential security vulnerability has been identified with HP Server Automation. This vulnerability could be exploited remotely to allow execution of arbitrary code. Revision 1 of this advisory.

WordPress Marketplace version 2.4.0 suffers from an arbitrary file download vulnerability.