The Netlux Antivirus suffers from an unquoted search path issue impacting the Session Manager Service ‘NXSessSvc’ service for Windows deployed as part of Netlux Antivirus package. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. Versions 1.0.1.8 and 1.0.1.4 are affected.
Monthly Archives: June 2015
Symphony CMS 2.6.2 Cross Site Scripting
Symphony CMS version 2.6.2 suffers from a cross site scripting vulnerability.
D-Link DSL-2780B DLink_1.01.14 Unauthenticated Remote DNS Change
D-Link DSL-2780B DLink_1.01.14 suffers from an unauthenticated remote DNS change vulnerability.
TP-Link ADSL2+ TD-W8950ND Unauthenticated Remote DNS Change
TP-Link ADSL2+ TD-W8950ND suffers from an unauthenticated remote DNS change vulnerability.
D-Link DSL-2730B AU_2.01 Authentication Bypass DNS Change
D-Link DSL-2730B AU_2.01 suffers from an authentication bypass vulnerability that allows an attacker to change DNS settings.
D-Link DSL-526B ADSL2+ AU_2.01 Unauthenticated Remote DNS Change
D-Link DSL-526B ADSL2+ AU_2.01 suffers from an unauthenticated remote DNS change vulnerability.
Fedora 20 Security Update: mbedtls-1.3.11-1.fc20
– Update to 1.3.11
This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability.
Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-1.3.11-released
Fedora 21 Security Update: mbedtls-1.3.11-1.fc21
– Update to 1.3.11
This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability.
Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-1.3.11-released
Fedora 22 Security Update: mbedtls-1.3.11-1.fc22
– Update to 1.3.11
This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability.
Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-1.3.11-released
Fedora 21 Security Update: qemu-2.1.3-8.fc21
Resolved Bugs
1151253 – User interface freezes when entering space character in Xfig
1213053 – Backport {Haswell,Broadwell}-noTSX cpu models
1222894 – qemu: insecure temporary file use in /net/slirp.c [fedora-all]
1222892 – CVE-2015-4037 qemu: insecure temporary file use in /net/slirp.c<br
* User interface freezes when entering space character in Xfig (bz #1151253)
* CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894)
* Backport {Haswell,Broadwell}-noTSX cpu models (bz #1213053)