WordPress PHP Event Calendar plugin version 1.5 suffers from an arbitrary file upload vulnerability.
Monthly Archives: April 2015
WordPress Simple Ads Manager 2.5.94 / 2.5.96 Information Disclosure
WordPress Simple Ads Manager plugin versions 2.5.94 and 2.5.96 suffer from an information disclosure vulnerability.
OpenSSH 6.8 Insecure Functions
OpenSSH version 6.8 makes use of some insecure functions.
OpenSSL 1.0.2a Insecure Functions
OpenSSL version 1.0.2a makes use of some insecure functions.
CVE-2015-0685
Cisco IOS XE before 3.7.5S does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.
CVE-2015-0687
The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devices, when single-switch Virtual Switching System (VSS) is configured, allows remote authenticated users to cause a denial of service (device crash) by performing SNMP polling, aka Bug ID CSCuq04574.
CVE-2015-0686
Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240.
Synology.com Cross Site Scripting
Synology.com suffered from a cross site scripting vulnerability.
OpenSCAP Libraries 1.2.2
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
VMware Security Advisory 2015-0003
VMware Security Advisory 2015-0003 – VMware product updates address critical information disclosure issue in JRE.